Did you think the most popular sport was football? Well, maybe not, regardless of whether you’re talking about the American or international game. The most popular sport of all might be theft.
According to a new survey of 1,533 senior finance executives in the United States and U.K., finance teams had seen an average of 13 cases of attempted invoice fraud, and 9 cases of successful invoice fraud, in the prior 12 months.
The average per-incident monetary loss: $133,000 in the U.S. (totaling almost $1.2 million annually) and £104,000 in the U.K., according to the survey, conducted by Medius, a provider of advanced accounts payable solutions. (All respondents worked for organizations that process more than 5,000 invoices annually, and the average was more than 26,000.)
Medius noted that AI and machine learning capabilities for identifying bad actors, coupled with a few other key practices, can mitigate the risk of invoice fraud.
Business Email Compromise (BEC) scams affected 43% of surveyed businesses. According to the survey report, between October 2013 and December 2022, the FBI received more than a quarter million reports of domestic and international incidents of BEC.
Perhaps more ominously, more than half (53%) of the surveyed finance professionals said they’ve experienced deepfake scamming attacks, with 43% admitting they’ve fallen victim to such an attack. In fact, 87% of those polled admitted they would make a payment if they were “called” by their CEO or CFO to do so.
“This is concerning,” Medius wrote in its survey report, as more than half (57%) of the respondents “can independently make financial transactions without additional approval.” However, only 40% of those surveyed said protecting the business from deepfakes is a top priority.
Overall, a third (33%) of the finance professionals said they don’t feel well enough educated to tackle deepfakes. But there was a large difference geographically, with the U.S. at 48% and the U.K. at only 12%.
In another discouraging finding, four out of five finance professionals (81%) said they stay silent when spotting or suspecting internal fraud, fearing retaliation. These fears are “validated,” Medius wrote, as a third (32%) said they “have seen whistleblowers victimized, behind their backs or to their faces.”
What’s more, 59% said they have seen whistleblowers subsequently left out of important decisions, and 33% said they’ve seen whistleblowers moved to a different team.
“Building a culture where employees feel comfortable to report their suspicions could save organizations millions in the long run,” said Jim Lucier, CEO of Medius.
In many organizations, creating such a culture may be left to the finance team. For 44% of the survey respondents, finance is solely responsible for preventing invoice fraud. IT, meanwhile, is responsible for 27% of them. Only 13% of those polled claimed to have both teams working to prevent invoice fraud.
“That’s unfortunate because collaboration and information-sharing are how professionals keep up with the latest criminal tactics,” Medius wrote.
