Washington, D.C. -- Despite a slight decrease in corporate payments fraud and a heightened interest in security risks, 2013 saw an increase in fraud specific to credit and debit cards as criminals and their schemes became more sophisticated, according to the 2014 AFP Payments Fraud and Control Survey released by the Association for Financial Professionals (AFP).
Now in its 10th year, the survey, sponsored by J.P. Morgan, found that even as check fraud declined, companies are now preparing for the shift in credit/debit card liability from issuers to merchants. Among survey respondents, 22% that accept credit/debit cards from their custom¬ers anticipate a significant impact from their investment in card acceptance fraud prevention methods and half expect some impact.
Also, in the wake of recent security breaches, 63% of organizations have either adopted additional security measures or are planning to do so in the near future, with measures including secure signature stamps, electronic signatures, payment data stored with third-party vendors and increased layers of security.
Other key findings include:
• Sixty percent of organizations were exposed to actual or attempted payments fraud in 2013, similar to 61% in 2012, down from 68% in 2011.
• Changes in payments fraud experienced in 2013 compared to 2012: 27% – increase; 16% – decrease; 57% – no change.
• Payments formats targeted by fraudsters: 82% – checks; 43% – credit/debit cards (corporate and consumer), up from 29% in 2012; 22% – ACH debits, down from 27% in 2012; 14% – wire transfers, up from 11% in 2012; 9% – ACH credits, up from 8% in 2012.
• Seventy percent of companies exposed to actual or attempted fraud in 2013 experienced no financial loss as a result.
• Eighty percent of companies that experienced actual or attempted payments fraud found it originated outside the organization.
"Criminals will try to stay a step ahead," said Jim Kaitz, AFP's president and CEO. "But with potential liability increasing for merchants, companies are taking a hard look at where their own vulnerabilities lie. This is especially important for big companies with complex systems, which are frequent targets for fraud."