September 24, 2024 Protect Against the Full Range of Fraud Vulnerabilities

Strong banking partners can help manufacturers struggling to account for traditional, emerging risks in increasingly digital operations.

By        Brian Geen – VP, Relationship Manager
            Enterprise Bank & Trust, Member FDIC

While once an afterthought for many businesses, manufacturing and industrial operations have largely adapted to today’s digital business environment. The challenge? This has created more entry points for fraudsters and cybercriminals – and a problem for leadership. Workforce training around fraud has struggled to keep pace with technology advancement, and this leaves organizations vulnerable to potentially costly mistakes.

Areas of increased risk include employee bribery and conflicts of interests (especially in global supply chains), billing schemes, and employee theft of raw materials and finished goods.

Understanding fraud in today’s supply chain and manufacturing

According to the Occupational Fraud 2024: A Report to the Nations, published by the Association of Certified Fraud Examiners, median fraud loss in the manufacturing industry hit $267,000 per organization but with an average loss of nearly $2 million, ranking third among all industries in the report. The top three methods used to successfully defraud manufacturers and industrial operations include corruption (55%), misappropriation of noncash assets (29%) and billing schemes (27%).

Perhaps even more importantly, nearly 35% of fraud instances in manufacturing show more than one of the top risks being exploited simultaneously.

More than half of the fraud instances detected were due to either lack of internal controls or a person overriding existing processes meant to prevent losses. Protecting a manufacturing operation, associated partners and clients proves difficult without the right help. In particular, the range of transactions a manufacturer may process creates a complex series of financial challenges and vulnerabilities to address.

Banks should be a key partner in fraud prevention

Fortunately, a collaborative banking partnership can provide the responsive, specialized expertise necessary to manage all the moving parts related to invoicing, processing payments, managing inventory and supporting audits.

Many businesses, including manufacturing and production operations, have moved away from issuing and accepting checks in an effort to increase digital payments and utilize fraud prevention technologies, consolidate systems and boost efficiency. Check fraud has consistently been the payment method most vulnerable to fraud since first surveyed 19 years ago, according to the Association for Financial Professionals “Payments Fraud and Control Survey Report.”

With the reality that many companies cannot discontinue use of traditional checks altogether, protection services from a bank treasury management department deter fraud by matching the checks a company issues with those presented for payment. This is known as positive pay and serves as an additional monitor in the transaction process, allowing the account to reject unauthorized transactions before losses occur.

This type of protection is an opportunity to balance the level of transaction protection without negatively impacting overall business operations or the customer experience. Many banks also have professionals who are well-versed in manufacturing and production and can help ensure industry-specific financial numbers are accurate and free of potential suspicious activity.

Cybersecurity gaps can persist throughout operations

The growth of global digital connectivity in even smaller manufacturing and industrial operations makes business an increasingly common target for fraud threats. The increase in connected technology and devices, global supply chains and legacy systems not properly updated to account for vulnerabilities and security gaps provide abundant pathways to information that is valuable to cybercriminals.

Cybercriminals operate at a surprisingly sophisticated level, frequently testing and probing for ways to access systems and processes. They use their findings to continually refine and implement new methods of breaching susceptible operations in creative ways. In short, fraudsters are evolving their schemes at a rate that makes it increasingly difficult to match.

As cyber incidents due to fraud are becoming more of a “when, not if” eventuality, cyber insurance and cyber liability policies are becoming more prominent.

While cyber policies are an integral component of protection, pairing these measures with a strong financial services partner is highly recommended for incident response planning.

“Credential harvesting,” for example, involves obtaining and using login and password information and continues to increase as a high-profile threat to manufacturers. This allows fraudsters to either gain direct access to financial accounts or obtain information that can be used in ransomware schemes. Breaches can be costly in terms of both productivity and direct loss of funds needed to address the situation and any recovery attempts, which can vary in scale.

The good news is there are several preventive safeguards that manufacturing operations can implement. Best practices include:

• Work with all applicable vendors on verifying the security to their networks and computers that house sensitive information. Also, set up appropriately safeguarded access to internal systems as needed.
• Regularly review account authorizations to make sure former employees or employees who have changed job duties do not have unnecessary access to any systems. At the same time, routinely monitor and update any online banking user IDs and access levels, as necessary.
• Reinforce user education and skill reinforcement for all employees, including management and executives, so they can remain the most valuable measure to protect against scams. Cybercrimes are largely successful because the hack occurs through behaviors rather than systems.
• Require all employees to receive regular, ongoing education and training related to fraud prevention best practices and policies, regardless of rank or seniority. Banks with specialized knowledge of the manufacturing industry can provide valuable resources to educate individuals on safely interacting with financial information.

Minimizing fraud and losses

In the event of a data or system breach, a banking partner will be fully prepared to respond with the appropriate access limitations. However, maximizing recovery and minimizing interruption after the incident is where other partners, including cyber insurance providers, cybersecurity vendors and legal aid, take a more central role.

The most important step is to immediately communicate any suspicious activity or transactions to the financial institution, especially in the case of ACH or wire transfers. With a limited recovery window for these transactions, expedited attention is key to preventing further loss. In collaboration with law enforcement and other relevant response parties, a banking partner can often quickly assess fraud and keep a verified cyberattack from devolving.

Taking a proactive approach to heighten fraud prevention processes is a step manufacturing leaders increasingly view as necessary. While the initial investment in time and resources may be daunting, a prevention plan that properly utilizes tools, controls, policies and continuous education can make proactive mitigation of risk possible. Along with the right banking partnership, cybersecurity vendors and insurance providers, creating and maintaining an effective long-term plan ends up being both practical and economical.

About the Author:
Brian Geen is Vice President, Relationship Manager for Enterprise Bank & Trust, Member FDIC.

Subscribe to Industry Today