The Southbourne Tax Group Review: How to Protect Your Business from Fraud

Commercial-Business-Fruad-Prevention-Tips-768x433

5 Commercial Fraud Prevention Tips

This March marks the 13th anniversary of Fraud Prevention Month. While the annual program focuses on protecting the consumer, businesses should take advantage of the time to better educate themselves on commercial fraud. A recent poll of Canadian businesses found that half of them know or suspect that they have been hit by fraud in past year.

There are numerous ways that business fraud can occur in a transaction. It can occur from business to consumer or consumer to business. It can come from internal staff or external threats. But the one familiar element is that the party committing the fraud has acted dishonestly. Business fraud is more common in some industries than others. Banking and financial services, government, manufacturing, healthcare, education, and the retail sector are all industries that struggle with fraud. However, no commercial enterprise, big or small, is safe.

As a business insurance and risk management expert, Park Insurance is here to provide you with some helpful tips that could save you from the impending threat of commercial fraud.

5 Fraud Prevention Tips You Need to Apply to Your Business Today

  1. Preparing for Commercial Cyber-fraud

It should come as no surprise that cybercrime headlines this list of commercial fraud prevention tips. But the fact that 50% of Canadian executives admit that their businesses were hacked last year is alarming. Credit card fraud, identity theft, account takeover and/or hijacking attempts are becoming so common that businesses are hiring full-time staff and/or consultants to monitor cyber security. Cyber-fraud occurs from internal (employees stealing corporate information) and external culprits alike and they are becoming more sophisticated with each passing month. Improved staff awareness, real-time software updates, enhanced backup protocol, and encrypted communications will help stave off sophisticated cyber-fraudsters. Follow these six tips to protecting your business from cyberattacks.

  1. Pre-Employment Screening

Internal fraud is one of the most common forms of business fraud and is certainly one of the most impactful. Not only can it go undetected and occur over a long period of time, devastating your business financially, it can ruin your corporate culture. Trust is immediately lost. From this point forward, institute an improved pre-employment screening program that includes intensive backgrounds checks and more thorough reference checks. If fraud is a significant concern (you operate in one of the higher risk industries mentioned in the introduction) consider using a professional service that specializes in pre-employment screening. Some human resource recruiters offer specialized screening.

  1. Improved Internal Accounting (w/Redundancy)

You may think that placing one person in charge of accounting, including the processing of payments and invoices, making bank deposits, handling petty cash and managing bank statements is smart because it provides a single point of responsibility. It’s not. It opens you up to internal fraud, should that employee/manager seek to do your business harm. Even if the individual can be trusted, they are at risk of being compromised. If they hold all of the chips, your business can be hit and decimated in one shot.

Instead, spread and/or rotate these duties amongst qualified staff. In addition, create redundancy when it comes to the accounting of all financials. This will allow you, for instance, to check duplicates of a month’s invoices and statements to ensure that the numbers match. Have separate parties check financial statements too, for added caution.

All of these improved internal accounting policies should be compiled and posted for all to see. If you do have an internal threat working within the company, they will be less likely to take harmful action if they know that these redundant checks and balances are in place.

  1. Encourage Whistleblowing

Whistleblowing may seem like a dirty word when it comes to fostering a trusting corporate culture, but in the end your staff should see that it is nothing to worry about – if there is nothing to worry about. Institute an official fraud reporting protocol for staff, vendors and even customers/clients to anonymously report suspected fraudulent activities. It is essential that everyone involved receives a clear document that explains what constitutes fraud. It must also state that the process should never be used to air grievances, which can happen when there is friction between employees. Reports should be backed by facts and evidence. Lastly, it must be made clear to employees, vendors, and customers/clients that all reports are regarded as confidential without reprisal.

  1. Secure Insurance to Hedge Business Risk of Fraud

For all of your efforts, fraud can still occur. You want to protect your business from this, hedging the risk of all damages that can come in the form of financial loss, liability, and innumerable other concerns. For a comprehensive and unbiased accounting of your existing policy, secure the services of an independent insurance broker with expertise in all forms of commercial crime and commercial liability insurance. Contact Park Insurance before your business joins the approximate 50% of Canadian businesses that have been hit by fraud.

Additional resources for business accounting tips are available here

Advertisements

The Southbourne Tax Group: Beware tax preparer fraud, other ‘dirty dozen’ scams

If you’re rushing to get your tax return in the mail, take care when choosing your tax preparer. If you don’t, you could lose your refund and face fines or jail time if your preparer files a fraudulent return.

Tax preparer fraud was the focus of a March 1 alert from the National Consumers League (NCL).

“Getting caught up in a tax preparer scam will not just cheat you out of your refund and scam you into paying bogus fees, it can also expose consumer victims to other liabilities,” John Breyault, an NCL vice president, said in a statement. Those liabilities include hefty fines and even imprisonment associated with the criminal offense of filing a fraudulent tax return.

In February 2017 alone, tax preparers in New York, Nebraska and Louisiana were charged with tax fraud. And in 2015, the U.S. Department of Justice closed more than 35 tax return preparers’ operations because of fraud.

Tax preparer fraud also makes the Internal Revenue Service’s list of the “dirty dozen” tax scams for 2017.

How the scam works: Often, the tax preparer will falsify your earnings, claim credits for you that you didn’t earn or steal your refund by having it deposited into someone else’s account, according to the NCL.

To protect yourself, the NCL and IRS offer tips when choosing a tax preparer, including:

• Check for his or her Preparer Tax Identification Number (PTIN). The IRS offers a tax preparer directory so you can check his or hercredentials.

• Refuse to sign a blank tax return.

• Steer clear if your preparer doesn’t require you to submit your W-2s.

• Avoid preparers who charge fees based on a percentage of your refund, or who claim they can get bigger refunds than other preparers.

• Avoid giving your Social Security number or tax documents when you’re just inquiring about a tax preparer’s service. Otherwise they might file a fake tax return in your name.

• Be sure to review your return before it’s filed, and make sure you get a copy of your return.

You also may cut your risk of fraud by getting free tax preparation help sanctioned by the IRS. If you make less than $54,000 a year, you likely qualify for free, in-person guidance through Volunteer Income Tax Assistance programs.

If you make less than $62,000 per year, you can get free online help through the IRS Free File program.

Tax preparer fraud isn’t the only thing to be on your guard against this year. Also making the “dirty dozen” are phone scams, in which fraudsters call up and impersonate IRS agents. These fraudsters claim you owe taxes and try to get you to cough up cash.

Between October 2013 and January 2016, the Treasury Inspector General for Tax Administration received nearly 900,000 reports of such calls, and more than 5,000 victims paid more than $26 million to the scammers.

The fake agents often threaten to sue, arrest or deport you if you don’t pay using prepaid debit cards or wire transfers.

Other frauds on the “dirty dozen” list are phishing emails, which look as if they come from the IRS or a tax software company. If you click a link, you land on an official-looking website and are asked for personal information, which the criminals use to create false tax returns.

Identity theft also continues to be a major concern, with bad guys using stolen Social Security numbers to file fraudulent returns. While the number of identity theft tax cases has plunged, almost 238,000 cases were reported in 2016.

“It’s the second year tax return fraud has decreased,” Breyault says, “but they’re not going to be able to catch all of it.”

Additional resources for business accounting tips are available here.

The Southbourne Tax Group: Lowell tax preparer allegedly kept refunds; tips for choosing tax preparer

There are a lot of scam warnings at tax time, but you may not have considered this one before: Make sure you check out your tax preparer.

Last week, a court approved an injunction requested by State Attorney General Maura Healey, aimed at stopping a Lowell tax preparer, Samuel Dangaiso, of Tax Enterprises, from doing business.

“We allege that this defendant filed more than $2 million in fraudulent deductions and pocketed tens of thousands of dollars of the falsified refunds,” said Healey. “This tax season, we will be watching for scam tax preparers and will take action to stop tax fraud in order to protect the public.”

The attorney general’s office alleges that Dangaiso filed tax returns that included invented, unjustified deductions without the knowledge of his clients.

Dangaiso would then direct the full refund to his own bank account, pay the customer their expected amount and then keep the rest, Healey said.

The investigation revealed that he kept at least $150,000 in refunds from more than 300 returns since 2009.

The IRS strongly suggests that consumers check the qualifications and history of their tax preparer. The IRS maintains a directory of credentialed preparers that you can access through this website.

Additionally, the IRS said that consumers should never sign a blank return.

They should also double-check all routing numbers for bank accounts on their filings to verify that refunds will be sent directly to them and not to the preparer.

Additional resources for business accounting tips are available here

The Southbourne Tax Group: 7 Tips For Preventing Invoice Fraud

The Accounts Payable department is a prime target for fraud. Criminals looking to exploit your business take advantage of AP departments buried in paperwork to submit phony invoices and hope they’ll slip by as legitimate.

A single fraudulent invoice might not impact your company too much. However, over time invoice fraud can become quite a costly problem. Foiling invoice fraud is often frustrating, but implementing these tips will significantly reduce the risk of your company falling victim.

1) Employ 3-Way Matching

If you can match each invoice to a purchase order and receipt of goods, then you’re much less likely to pay a fraudulent invoice. Most fraudsters won’t bother fabricating three separate documents.

2) Watch Invoice Amounts

Amounts on invoices can provide clues that the invoice isn’t on the up-and-up. If your company requires additional review for invoices over $1,000 (for example), checks squeaking by right under that threshold (such as $999.98) should raise suspicion.

3) Keep Up Moral

Invoice fraud can come from inside the company or from an outside source. Happy employees are unlikely to commit fraud and more likely to catch fraud from outside sources. If they don’t have reason to complain, then they’re more likely to care about doing right by the company.

4) Check On Vendors

Fraudulent invoices are typically issued under fake business names or use a legitimate name but a fake address or bank account number. You’ll want to look up any new vendors to make sure they’re legitimate and find the address on Google maps. If the address is residential or a post-office box, that’s a big red-flag. Also, check-in with your existing vendors directly if their account information changes.

5) Track Invoice Activity

If you’re tracking invoice activity, you’ll be able to notice when something changes. For example, one vendor typically submits 5 to 10 invoices a month and suddenly you see 50 from them in a single month. It might be legitimate, but you’ll still want to get in touch with them and double-check.

6) Implement “Fuzzy Matching”

Duplicate payments are one way to commit invoice fraud – fraudsters submit a near-perfect copy of a legitimate invoice and hope no one notices one payment is going to a different account number. Sometimes they’ll also change date, invoice number, or amount. You’ll need a program that allows for “fuzzy matching” to catch near-duplicates as well as identical invoices.

7) Employ Automation

Automation in the AP department gives you the tools you need to more effectively implement all these other tips for preventing fraud. It’s probably the single most important step you can take to stop invoice fraud.

With NextProcess’ AP Automation Software, you instantly get detailed insight into everyday invoice processing. Our software automates invoice processing according to your custom specifications. It can catch many sorts of suspicious invoices on its own and gives you the tools you need to more easily track invoice activity and check on vendor information. On top of that, automation software is easy to use and frees up employees for more interesting work. It’s a win-win for the company and everyone in the AP department.

Additional resources for business accounting tips are available here.

 

The Southbourne Tax Group: It’s tax season, avoid fraud by following these tips

The person calling began to threaten the OPP civilian employee that if she did not send money to him, terrible things would happen to her

With tax season on the horizon OPP will be receiving calls from citizens who have been contacted and in some cases, have lost money. If you are contacted over the phone by someone saying they are the Canada Revenue Agency (CRA) here are some tips taken right from the CRA website:

The CRA:

  • never requests prepaid credit cards;
  • never asks for information about your passport, health card, or driver’s licence;
  • never shares your taxpayer information with another person, unless you have provided the appropriate authorization; and
  • never leaves personal information on your answering machine or asks you to leave a message containing your personal information on an answering machine.

When in doubt, ask yourself the following:

  • Is there a reason that the CRA may be calling? Do I have a tax balance outstanding?
  • Is the requester asking for information I would not include with my tax return?
  • Is the requester asking for information I know the CRA already has on file for me?
  • How did the requester get my email address or telephone number?
  • Am I confident that I know who is requesting the information?

When in doubt hang up the phone and call the CRA phone number included on the previous year tax returns or documentation received from the CRA. The number provided on the CRA website is 1-800-959-8281 for individual inquiries.

This story that happened in the late fall and speaks to the randomness of these calls.

A would be fraudster called the Orillia OPP detachment and was greeted by an administrative assistant with “good morning Orillia OPP”. The person calling began to threaten the civilian employee that if she did not send money to him, terrible things would happen to her and he was going to be the one to do it.

The randomness comes from the fact that most people from Ontario understand that the OPP stands for Ontario Provincial Police. Many times these calls originate from foreign countries and are intended to scare you into sending money. If you receive one of these calls hang up and call the Canadian Anti-Fraud number at 1-888-495-8501.

If you or someone you know receives an e-mail, phone call or letter demanding money, asking for money, threatening you for money or saying the most terrible thing has happened and they need money to help a loved one please call someone you trust and talk it over with them. Think about the following when receiving an e-mail, phone call or letter:

  • Is it reasonable? Would a police agency call you for money to bail someone out? Would someone notify you of a million dollar win over e-mail?
  • If it’s too good to be true it probably isn’t true.
  • Just hang up then report it.
  • Call someone else and tell them the story before sending money.
  • Call the agency that is calling you; if you receive an e-mail asking for updated information call the bank or go to the bank and talk to a live person.
  • If there is any doubt call the Canadian Anti-Fraud Centre.
  • Please talk to your relatives about frauds especially elderly relatives as they are more likely to be victims.

Sadly each year Canadians are defrauded of millions of dollars.

If you receive a call, e-mail or letter and know it’s a scam please hang up, delete the e-mail or shred the letter. If you have been the victim of a fraud no matter how small please contact the Canadian Anti-Fraud Centre at 1-888-495-8501.

Additional resources for business accounting tips are available here.

The Southbourne Tax Group: Why Tax Refund Fraud Losses Are Growing Rapidly

jlzouui

Over the past five years, the IRS has been experiencing issues around identity theft. Evidence of stolen identity tax refund fraud, or simply tax refund fraud (TRF), began to emerge as early as 2004 when individuals began submitting fictional tax returns from prison. According to the Treasury Inspector General for Tax Administration (TIGTA), in 2004, prisoners submitted 18,000 returns, which cost U.S. taxpayers $68 million. In 2010, they submitted 91,000 returns, with a loss of $757 million. Over that time, the prisoners also increased the average amount of money they collected, jumping from $3,777 in 2004 to a staggering $8,318 in 2010. Their tax fraud scheme exposed a flaw within the tax filing system.

Organized criminal enterprises understand flaws in the tax filing and refund system that allowed them to exploit procedural weaknesses and reap large returns for their efforts. TRF has evolved into a sophisticated criminal enterprise process with organized fraud rings filing thousands of fraudulent tax returns annually.

Factors Leading to the Growth of Tax Refund Fraud

The advancement of technology has had implications across many facets of TRF. The increase in personal computing power of taxpayers, the evolution of the Internet since the early 1990s, the ability to electronically file tax forms and subsequent growth of third-party tax filing services and the ability to receive tax refunds via direct deposit (including prepaid debit cards) have all been major contributing factors to the growth of TRF. Additionally, the conversion of personally identifiable information (PII) to digital records has created an opportunity for cybercriminals to steal PII in large quantities, as evidenced by recent health care provider and government agency data breaches.

The IRS has offered and allowed direct deposit of tax refunds since the 1980s; however, it never built systems to confirm that deposits were being made to an account of the same name as the tax filer. In 2008, TIGTA reported that “the IRS has not developed sufficient processes to ensure that more than 61 million filing season 2008 tax refunds were deposited into an account of the name of the filer.” In fact, TIGTA found that the IRS was not in compliance with direct deposit regulations. The IRS claimed that it was the responsibility of the taxpayer to ensure compliance — which obviously played into the fraudsters’ hands.

The problem of multiple direct deposits to one account was evident in a 2012 report in which an analysis of 2010 data indicated that 4,157 direct deposit refunds totaling more than $6.7 million went to just 10 accounts.

A corresponding July 2012 TIGTA report recommended that the IRS limit the number of direct deposits to one account. The IRS agreed with that suggestion and instituted a limit of three direct deposits to one account for the 2015 filing season.

A New Trend Takes Hold

Around 2010, a new trend emerged centering around true identity theft. Based on lessons learned from the prisoner tax filing scam, organized criminal groups (OCGs) focusing on TRF began to emerge. OCGs from street gangs to international crime groups learned that they could make a lot money with little risk involved. The OCG would obtain true identity information about a taxpayer, which is otherwise known as “FULLZ” in Dark Web marketplaces. The OCG would then submit a tax return in the victim’s name with fictitious employment and wage documents to support it.

Since two returns cannot be filed for the same person in one year, once the victim would submit a true tax return it would be rejected, alerting them to the identity theft. One of the issues at hand is that the IRS does not reconcile wage documents from individual returns to those supplied from employers until six to nine months into the year. According to TIGTA, the IRS may have paid $5.2 billion in potentially fraudulent tax refunds on 1.5 million tax returns in 2010.

So Where Does One Get FULLZ Information?

FULLZ information is readily available from many places. These include data breaches, retail stores, health care records and more. Once cybercriminals get access to this data, they will then put the information into a website marketplace that allows fraudsters to access any of the data that is available for a price. Many of these websites are in what is known as the Dark Net or Dark Market. The Dark Net listings provide fraudsters with all the information they would need to execute TRF.

If you are a novice or would-be fraudster, there are websites that will provide a how-to tutorial for committing TRF. The pictures below are examples of a few websites that teach people each step of TRF, from getting a person’s PII and opening a bank account in that individual’s name to actually submitting a fraudulent tax return and receiving an illicit refund.

Another important thing to note is that rules, regulations and silos within companies hinder the organizations’ ability to effectively communicate, share information and limit the losses from TRF. However, the bad guys are not hindered by any such rules and regulations. They are free to communicate among themselves about successes, failures and other conditions that will help refine their processes to be more successful. This is usually done in Dark Net chat forums. In these forums, criminals are free to discuss what was successful and what was not.

Technology has made it increasing easy for fraudsters to commit their crimes anonymously. The Internet and phone channels provide areas that can be used to grant anonymity. On the Internet there are many products that provide virtual private network (VPN) services to hide the true identity and IP address of the bad actor; two of the best known are Tor and I2P.

Data Breaches Fuel the FULLZ Supply

All data breaches are not created equally. Some of the large retail breaches over the last 18 months, while significant, do not pose as much of an identity theft risk as the more recent health insurer and government data breaches. Some of the high-profile retail breaches involved payment card compromises, which would allow a fraudster to create and use counterfeit cards. Typically, card issuers will bear losses associated with counterfeit card use, sparing consumers any financial burden. However, data breaches that involve complete PII records of consumers present a high risk of identity theft and TRF.

Until recently, the compromise of full PII data often came from malicious insiders with access to consumers’ information. Insiders at banks, medical offices, schools and other organizations that possess PII help provide access for criminal enterprises. Large-scale data breaches at health insurers and government agencies have provided a tremendous supply of consumer PII to cybercriminals looking to execute TRF.

So far in 2015, more than 100 million PII records have been compromised through health care and government data breaches alone. For example, the IRS announced that the breach of its Get Transcript system may have included the PII of 334,000 taxpayers. Unlike payment card compromises, these breaches may have profound negative effects to individuals for years to come.

IRS Attempts to Control the Issue

In response to TIGTA’s direct deposit concerns, the IRS introduced limits on Automated Clearing House (ACH) deposits for the 2015 tax season. It implemented new procedures about how money would be sent to accounts by ACH and by check. For instance, a new direct deposit refund request limits the number of refunds that can be deposited into one bank account to three. After three deposits into one bank account, the IRS will convert any subsequent direct deposit refund requests to a paper check and mail the check to the taxpayer’s address. Also, the IRS is limiting the number of bank accounts among which a taxpayer can split one refund to no more than three.

These changes were implemented in an effort to curb TRF. However, the reforms did not achieve the intended result because fraudsters adapted their tactics to exploit systematic weaknesses. The issues that arose for the 2015 tax season are twofold:

  1. Workarounds With Tax Preparation Services

The master accounts associated with tax preparation services are a weakness in the system to which fraudsters navigated once the IRS instituted the direct deposit limitations. When an individual files a tax return with a refund through some of the popular tax preparation services, the refunds are often routed from the IRS to the tax preparation company, which then sends it to the individual’s bank and account of record.

Through this method of filing, fraudsters were able to bypass the direct deposit limits. Refunds processed through master accounts do not contain robust event descriptions. The lack of event descriptions means the banks can’t detect and stop these refunds since they have no information from which to validate and match information to the bank account.

  1. Financial Institutions Cannot Help Monitor for Fraud

The direct deposit limits took financial institutions out of the game with regard to being a detection point. An ACH deposit coming from the IRS to a bank contains a robust event description including the name, address and Social Security number of the beneficiary. Financial institutions were in a position to detect suspicious activity of multiple deposits going to one account for the benefit of individuals not named on the account.

As with many regulations and controls designed to stop fraud, there are unintended consequences. As a result of criminals’ ability to adapt to the ACH limitations, they found another way. Their new methods resulted in a higher success rate and increased losses to U.S. taxpayers.

What Does This Mean for the Future?

TRF is expected to increase dramatically for this tax season. According to the IRS, fraud losses will reach a staggering $21 billion by 2016, while just two years ago, losses were $6.5 billion.

Recent large-scale PII data breaches will contribute to the growth of TRF. Although the IRS is making changes to try to limit fraud, there are still structural weaknesses in the process that will allow this activity to continue.

Are There Solutions to the Tax Refund Fraud Issue?

No one solution will stop tax refund fraud, but it can be slowed down and its losses limited. The focus should be on better fraud detection capabilities. The detection process should be built like an onion with multiple layers and parties involved. Proposed cuts of the IRS’ budget by more than $800 million for fiscal year 2016 may make it increasingly difficult for the agency to create a better detection strategy, however.

Limiting the number of direct deposits to one account is a good start. However, financial institutions need to be brought into the detection loop. The refund process via master accounts must be enhanced to the point where the name, address and Social Security number of the beneficiary are included in the event description of the ACH transaction between the master account and the receiving bank. Once that is done, banks can build fraud strategies to identify multiple deposits to one account.

The IRS, financial institutions, tax preparation service companies and card companies should work together to devise and implement detection controls that may allow each party to potentially identify suspicious activity, raise red flags and halt the refund process to allow for identity verification. With a detection process that includes all these parties, there will be three different industries that can review refund transactions at different points in the process. This could significantly decrease the losses that are seen with tax refund fraud.

Additional resources for business accounting tips are available here

The Southbourne Tax Group: Fraud prevention – 2017 predictions

fraud

Challenges and Opportunities

The Paypers has invited various thought leaders to share their views on 2017 predictions regarding security threats and fraud management solutions

Monica Eaton-Cardone, Global Risk Technologies: Criminal fraud, in the form of unauthorised transactions, will remain an ever-present threat

Criminal fraud, in the form of unauthorised transactions, will remain an ever-present threat. Fortunately, though, technologies have made it easier to mitigate this type of fraud. The threat will continue, but it is a manageable concern. Conversely, another type of fraud continues to go unmitigated. Friendly fraud, which is unwarranted or illegitimate chargebacks, is growing at an alarming rate—as much as 50% annually in certain regions and industries. To date, this threat has remained relatively unmitigated.

Fortunately, we are identifying new techniques that are proven effective at preventing illegitimate chargebacks and recovering unnecessary revenue loss. First, merchants need to identify the cause of each chargeback. Identifying the source of a problem is the only way to effectively mitigate it—otherwise, solutions merely address the symptoms. Technologies like Chargebacks911’s Intelligent Source Detection make this possible.  Second, once merchants have identified the chargeback sources, they need to dispute known cases of friendly fraud. Disputing illegitimate chargebacks effectively challenges faulty consumer behaviours.

Lastly, the industry needs standardisation and compliance. Programmes piloted by schemes to address these concerns are apt to provide good feedback. Without more attention on identifying the underlying source of this growing problem, consumer expectations will threaten sustainable growth industry-wide.

Jason Tan, Sift Science: Stolen identities or accounts are attractive to fraudsters because they offer a richer form of data than simple payment details

While companies are making strides in fighting payment fraud, there are still some worrying gaps when it comes to combating the new frontier of fraud, account takeover (ATO). Nearly half (48%) of respondents to the Sift Science Fraud-Fighting Trends 2017 survey reported that they saw a rise in ATO last year. And with large-scale data breaches showing no sign of slowing down, there should be plenty of fodder floating around on the dark web for criminals to use in their attacks.

Stolen identities or accounts are attractive to fraudsters because they offer a richer form of data than simple payment details. Non-payment data like login information, birth dates, social security numbers, and security questions can be used to create more accounts, make purchases, or even sign up for new credit cards.

From the standpoint of a merchant or financial institution, ATO is particularly concerning since these fraudsters may take the guise of some of your most trusted customers. However, machine learning and behavioral analysis can help unearth the subtle nuances that separate a real, valuable user from an imposter – so you can stay ahead of the game.

Luke Reynolds, Featurespace: It’s time to embrace machine learning to identify new fraud attacks as they occur while protecting your customers and revenue

Do not treat your customers like criminals. That is the big differentiator for banks and payment processors that want to get ahead. Criminals are advancing faster than existing fraud systems can cope with. Machine learning and advanced anomaly detection are the answer to preventing new fraud attacks, while accepting ‘good’ business from genuine customers.

One type of fraud attack increasing within financial services is Authorisation Stream attacks, where criminals manipulate the standard authorisation message, impacting payment processors upstream of where fraud systems usually spot an attack at transaction stage.

Social Engineering attacks on the elderly and vulnerable are also an increasing threat – where genuine banking customers are manipulated via phone by a criminal impersonating the bank.

Financial Services organisations are typically already capturing data needed to protect customers from these attacks. However, to do so, organisations need to be identifying anomalies accurately and efficiently at the level of accounts, merchants, cardholders and locations.

The good news? Machine learning systems – which use adaptive behavioural analytics to monitor individuals in real-time and detect anomalies – enable organisations to understand behaviour across their customer base. It’s time to embrace machine learning to identify new fraud attacks as they occur, while protecting your customers and revenue.

John Karantzis, iSignthis: The convergence of 4AMLD and PSD2 can lead to proactive solutions that mitigate fraud

Are companies ready for even more sophisticated fraud attacks? Unfortunately, it appears not, as card fraud has continued to rise around the world, with fraudsters becoming more sophisticated and harder to catch than ever.

In 2015, we saw more than USD 16.31 bln lost to card fraud globally, with a significant proportion of this being within SEPA. Whilst more and more predictive or risk-based solutions are released to the market each year to protect businesses from fraud, the fraud statistics are not decreasing.

Clearly, relying on risk-based assessment or predictive systems such as ReD, Kount, Cybersource, are proving to be less and less effective, and often lead to false positives or false negatives.

In response, regulators have introduced the Payment Services Directive 2 (PSD2), which incorporates a requirement for ‘Strong Customer Authentication’ (SCA) for every payment transaction. SCA however, relies upon Knowing Your Customer, which for transactions originating outside of SEPA can be extremely challenging. The strengthening of the transparency rules regarding identity has been introduced to tackle terrorism financing, tax avoidance and money laundering, which in turn will also address the adjacent issue of card not present (CNP) fraud. The convergence of 4AMLD and PSD2 can lead to proactive solutions that mitigate fraud, which in turn increases merchant’s confidence to pursue exporting and revenues from outside the SEPA.

The iSignthis Paydentity solution adds a layer of proactive defence for merchants against sophisticated CNP attacks, in addition to providing a basis for compliance for the 4AMLD and PSD2.

Additional resources for business accounting tips are available here