Phishing, hacking, deepfakes — strategies cyber criminals can wreak havoc on a business — have forced CFOs to allocate more toward cybersecurity amid rising technology dependence. Cyber crime targets companies’ financials and so the finance chief has become one of the primary defenders against bad actors.
According to new data from Trustpair’s 2024 U.S. Fraud study, a large portion of CFOs and finance teams may have learned this lesson firsthand. Of the 266 U.S.-based director and C-level finance and treasury professionals with over $1 billion in revenue surveyed, 83% said they have had some type of fraud attempt on their business within the past 12 months.
Payment Fraud Hits Hard
Within that group, payment fraud in particular experienced a sharp rise. In 2023, of the companies that were targeted, 96% said it was in some form of payment fraud attempt. And that 96% is a stark jump from 2022, when just over half (56%) of respondents said they had been targeted, representing a 71% year-over-year increase.
Of those targeted, 36% of organizations lost more than $1 million.
Trustpair’s leadership advises CFOs to focus more on training and proactively fighting fraud to be best ready for what their data shows is ultimately inevitable.
“CFOs are aware of the spike in fraud attacks — 49% have increased fraud prevention budgets in the past year – but a paradox has emerged in the fight against fraud,” Baptiste Collot, co-founder and CEO of Trustpair, told CFO.
Collot shared survey data specific to their CFO findings that were not highlighted in the survey.
“Training around fraud risks and processes is what CFOs think is the most beneficial method to reduce the impacts of fraud,” he said. “But 52% of CFOs believe employees don’t always follow the fraud prevention policies in place. Humans continue to make mistakes in the fraud prevention process, and training alone is not enough to keep up with sophisticated fraud attacks.”
Mistakes in these areas can result in a considerable chance of being exposed to cyber fraud in particular. Wire transfers (53%), vendors (47%), and fraud on behalf of the CEO or CFO (44%) were the top causes of fraud across the entirety of those surveyed. Methods used by fraudsters, according to those who were impacted, were text messages (50%), fake websites (48%), and phone calls (39%).
CFOs Addressing Cyber Attacks, But Is It Enough?
Finance leaders say they believe cyber crime is here to stay. Over two-thirds (67%) of respondents said they expect fraud to increase. However, few are responding in kind, as 28% say they have fraud prevention software to protect from these attacks.
More than half (56%) of respondents said their companies have increased budgets around cybersecurity technology in the last six to 12 months. In addition to software spend, finance teams have turned to workflow changes: double-checking (56%), dual approval processes (47%), and segregation of duties (40%).
“CFOs need to move past the awareness of fraud risks and start to increase investments in automation alongside their human teams to fight the spike in sophisticated fraud attacks,” said Collot. “With 70% of CFOs expecting payment fraud to rise further in the next 12 months, they must take action now to alleviate the worst impacts.”
Cybersecurity is a People Problem
Outside of investing in a sufficient amount of cyber technology, there isn’t a clear answer on how to best protect a company from fraud. Forty-two percent of companies say better training and education around payment fraud risks and cybersecurity risks are the most valuable strategies to fight fraud and only 40% have invested in fraud training.
The technology adaptation is being outpaced by realization because finance leaders are aware that if their employees don’t have the knowledge or motivation to abide by cybersecurity best practices, then investments in new technology may be useless.
Nearly half (49%) of respondents said their companies' biggest problem is employees don’t always follow fraud prevention policies, leaving them exposed.