Treasury From Home: Reducing Cybercrime and Fraud Risk

The Covid-19 pandemic has already provided rich pickings for fraudsters and cybercriminals who are becoming increasingly active and unscrupulous. The company is the first line of defence against fraud and it is vital to educate employees about what to look out for and how to avoid being duped – something that is all too easy as many are working from home and under new levels of pressure. The treasury team is thus left understaffed and working harder, as a result vigilance can too easily be relaxed, providing a favourable opportunity for both fraud and cyber risk. None of the vast range of scams and frauds is new, but the advent of coronavirus has led to new ‘fashions’ in the way they are being employed and who are favourite targets.

Sending fake invitations to virtual meetings on platforms such as Zoom is one method of illegally gaining sensitive information. Cyber fraudsters are also making increased use of malware sent via email attachments. Impersonation fraud is rife: someone pretending to be a technician from your bank might offer to solve a problem you are having, for example with a payment, if you provide your bank identity code – but no genuine bank would ever ask for this over the phone.

Vendor scams, especially those centred on virus-related products, are also increasing. A request might appear to come from a known supplier, perhaps offering face masks or sanitising gel, or from a business unit asking for an urgent transfer of funds. Employees should be trained to double-check every such request and be assured by management that they will never be reprimanded for holding up a payment while such checks are carried out. A payment should never be made if there is any doubt whatsoever about it.

If one of your regular suppliers asks to be paid in advance or solicits payment for a charity, for example, make absolutely sure that you are, in fact, dealing with them and not someone impersonating them. You can do this by calling back – on the number you usually use to contact them – to check that the money is going to the right place, not a fraudulent account.

Like all banks, BNP Paribas is giving concrete help to treasurers in these difficult times and has several tools to do so, varying from country to country. In France, we operate a system called IBAN Check whereby a corporate can check its corporate ID against the counterparty’s international bank account number (IBAN) and make sure of a 100% match before making a payment. Other initiatives include co-operation with a very promising think tank called the Future Innovators Summit (FIS), which is community-based and already working with several large corporates on the detection of supplier fraud. We also have a partnership with a fintech called Bleckwen, which offers special tools for fraud detection that are particularly user-friendly – these will go live very soon.

In short, the answer to staying cybersecure during this period of crisis is awareness, awareness, awareness. Clients of BNP Paribas can count on the bank to help them fight fraud and cyber risk today and tomorrow, as we continue to develop state-of-the-art tools to enable them to do so.