We talk a lot (I mean A LOT) around these parts about the constant threat posed to organizations when it comes to business payments fraud. And you can see why:
- 74% of companies reported they were the target of an actual or attempted payments fraud scam in 2020- AFP Payments Fraud and Controls Survey, 2021
- Email compromise scams accounted for $2B in losses in 2020 - FBI Internet Crime Report, 2021
- 62% of financial losses due to social engineering frauds were the result of either an absence of controls, human error, or a process not being followed- Willis Towers Watson database statistic, 2020
The problem is, numbers this huge can tend to make a problem seem unknowable and unsolvable. Especially since we very rarely get to learn exactly what happened. When an organization suffers financial losses due to a fraudster, they are usually unwilling or unable to share the details publicly, so the financial community as a whole doesn’t get to learn anything that could help them to avoid the same fate.
On Wednesday, August 25, attendees of Nacha’s Smarter, Faster Payments Remote Connect Conference will have the rare opportunity to to hear from our customer, Cabarrus County, on this very subject. Unlike so many of their peers, the county has elected to use their hard lesson (to the tune of $2.5M!) as an opportunity to share with the larger community, in hopes that others can avoid the same painful mistake.
The story, at the surface, may be familiar: an email seems to come from a vendor (vendor email compromise, aka business email compromise), asking to change the bank account for an upcoming invoice. In this session, the county goes beyond the headline. Attendees will learn exactly how the fraud occurred, and more importantly, how the county reacted in the aftermath and in the years since, moving to a model where they have virtually eliminated their risk of financial loss from another scam.
Rodney Harris, the deputy county manager, will be presenting with Taylor Nemeth, the Head of Payments at PaymentWorks and will share:
- How their process failed to detect the fraudster
- What actions they took in the immediate aftermath to secure their payments
- Their evolution to 100% ACH payments and the transfer of their risk to a third party (spoiler alert: it’s PaymentWorks)
We also have a case study detailing the Cabarrus County Story:
Thank you to Rodney and the entire team at Cabarrus County for sharing their experience, and their hard lessons learned!
If you'd like to read more on the topic of social engineering fraud, we have a free guide: