An estimated 74% of organizations face payment fraud attempts every year, with efforts increasing in sophistication. In this session, Kyriba will present best practices in fraud prevention and detection, including application security, workflow controls, securing bank connectivity, and improving payment controls through real-time fraud detection and prevention.
1. How Kyriba Helps Protect You From Payment Fraud
Xavier Audibert, Lead Product Architect
Bob Stark, VP Strategy
2. Payments Fraud is on the rise
Chart (Source: AFP Payment Fraud Report 2017): "Did the number of fraud incidents increase since last year?", showing the share of organizations seeing more attempted and/or actual payments fraud.
3. More at risk than we think
Chart: How much was targeted? Share of organizations by amount of attempted or actual fraud, 2015 - 2016, in buckets from "No loss" and "Up to $24,999" through "Over $2,000,000".
Source: 2016 – 2017 AFP Payments Fraud and Control Survey, Association for Financial Professionals
4. Do we know where fraud is coming from?
Chart: Source of fraud attempts (AFP 2017): BEC schemes, organized crime, account takeover, outsourced 3rd party, internal, compromised mobile, lost laptop.
Chart annotation: a Forrester study says this is 40% for all types of fraud.
5. How treasury protects themselves (Uh Oh)
Chart (Source: AFP Payment Fraud Report 2017): share of organizations using each control: perform daily reconciliations, stronger login authentication, secure disaster recovery, restrict access to company network, payments only on company laptop, restrict network access by mobile devices, dedicate a PC for payment origination, implement SWIFT, other.
6. PREVENTION is the first line of defense
1. Prevent fraudsters from taking over user accounts and stealing data.
2. Prevent the fraudsters who are already in your system from releasing transactions!
7. 1. Protect Your System from Fraudsters
Fraudsters attempt to access your application. Controls at the login boundary:
IP filtering: users can log in only if their device uses a registered IP address (suited to client sites with fixed egress addresses).
Two-factor authentication (2FA): for users on the go or at home, an SMS code or a USB key is required as the second factor of authentication. Of the two, the USB key is the stronger factor; SMS codes can be redirected by taking over the phone number.
Single sign-on (SSO): users log in with their corporate credentials, so account lifecycle and password policy stay with the corporate identity provider.
8. You can combine methods to further strengthen security: SSO, IP filtering and 2FA are not mutually exclusive.
9. 2. Protect Your Data from Fraudsters
What Kyriba does for you
Encryption of data - in transit and at rest
Secure hosting within state-of-the-art data
centers
Segregation of data and networks
3rd party risk assessments / penetration testing
Security Information and Event Management (SIEM)
10. 3. Payment Controls…Controls…Controls
Dual administration of changes in master data and business rules
Notifications of changes in sensitive master data
Dual factor approval of payment transactions, batches and files
Electronic signature of payment files (3SKey certificates)
Standardized controls across payment systems, users and geographies
11. 3. Payment approval – additional security
Two-factor authentication can also be required for internal approvals of payment transactions, payment batches and payment files.
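A minimal implementation of the dual-administration and dual-approval controls from slides 10 and 11, added here as an example in Python; it is not Kyriba's code. It assumes two distinct approvers per payment, that the creator can never approve, that a beneficiary whose bank-account change still awaits a second administrator cannot receive approvals, and that amending an approved payment clears its approvals. User IDs, beneficiary name and the account number are made up.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Set


class ControlViolation(Exception):
    """Raised when an action would bypass a payment control."""


@dataclass
class Payment:
    pid: str
    beneficiary: str
    amount: float
    created_by: str
    approvals: Set[str] = field(default_factory=set)   # distinct approver user IDs
    released: bool = False


@dataclass
class AccountChange:
    """Pending change to sensitive master data (a beneficiary's bank account)."""
    beneficiary: str
    new_account: str
    requested_by: str


class PaymentControls:
    """Maker/checker enforcement for master data and payment release.
    REQUIRED_APPROVALS = 2 is an assumption chosen for this example."""
    REQUIRED_APPROVALS = 2

    def __init__(self, notify: Callable[[str], None]):
        self.notify = notify                          # e.g. e-mail to treasury
        self.accounts: Dict[str, str] = {}            # beneficiary -> approved bank account
        self.pending: Dict[str, AccountChange] = {}   # beneficiary -> unapproved change

    # Dual administration: a change to sensitive master data takes effect only
    # after a second administrator approves it, and every step is notified.
    def request_account_change(self, beneficiary: str, new_account: str, user: str) -> None:
        self.pending[beneficiary] = AccountChange(beneficiary, new_account, user)
        self.notify(f"{user} requested account change for {beneficiary} to {new_account}")

    def approve_account_change(self, beneficiary: str, user: str) -> None:
        change = self.pending[beneficiary]
        if user == change.requested_by:
            raise ControlViolation("a different administrator must approve the change")
        self.accounts[beneficiary] = change.new_account
        del self.pending[beneficiary]
        self.notify(f"{user} approved account change for {beneficiary}")

    # Dual approval: the maker never approves, approvers must be distinct, and
    # any amendment after approval sends the payment back for re-approval.
    def approve(self, p: Payment, user: str) -> int:
        if user == p.created_by:
            raise ControlViolation("creator cannot approve their own payment")
        if p.beneficiary in self.pending:
            raise ControlViolation("beneficiary has an unapproved master-data change")
        p.approvals.add(user)
        return len(p.approvals)

    def amend(self, p: Payment, amount: float) -> None:
        p.amount = amount
        p.approvals.clear()

    def release(self, p: Payment) -> str:
        """Release to the bank; returns the account the funds go to."""
        if len(p.approvals) < self.REQUIRED_APPROVALS:
            raise ControlViolation(f"{self.REQUIRED_APPROVALS} distinct approvals required")
        if p.beneficiary not in self.accounts:
            raise ControlViolation("no approved bank account on file for beneficiary")
        p.released = True
        return self.accounts[p.beneficiary]


def walkthrough() -> List[str]:
    """Constructed scenario; returns the notifications raised along the way."""
    log: List[str] = []
    ctl = PaymentControls(log.append)
    ctl.request_account_change("ACME", "FR7630006000011234567890189", "admin1")
    ctl.approve_account_change("ACME", "admin2")
    pay = Payment("P-1001", "ACME", 25_000.0, created_by="alice")
    ctl.approve(pay, "bob")
    ctl.approve(pay, "carol")
    ctl.amend(pay, 250_000.0)          # editing after sign-off clears the approvals
    try:
        ctl.release(pay)
    except ControlViolation as e:
        log.append(f"release refused: {e}")
    return log
```

The refusal at the end of walkthrough() is the point: after two valid approvals, a change to the amount drops the payment back to zero approvals, so an insider who edits a payment after the checkers have signed off still cannot release it. Electronic signature of the file (3SKey in the slide) would then bind the released content to a key, which this example does not model.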
12. 4. Payment Screening
Screening against blacklists (OFAC…) is a compliance requirement. Fraud screening is a security requirement.
Fraudsters are not blacklisted: sanction list screening does not protect you from fraud!
13. You need a 2nd line of defense to detect suspicious payments & behaviors
Every payment channel feeds the screening step: manually entered payments, treasury payments, payments imported from ERPs, and ERP files routed to banks. A hit raises an alert.
14. 4. Payment Screening
Key to payment screening is to create rules that align with your payment policy.
1. Policy: payments should only go to approved suppliers in approved countries. Rule: all payments to non-approved countries must be stopped.
2. Policy: payments initiated by A/P within the ERP are only approved or rejected by treasury. Rule: any payments that are modified after import must be stopped.
3. Policy: single or multiple payments to the same beneficiary must not exceed a specified limit. Rule: hold for review any payments that cumulatively exceed the specified limit per day/week/month.
4. Policy: all payments to a newly modified bank account must be reviewed by the Treasurer. Rule: the first payment to a new or modified bank account must be held for review.
15. 4. Payment Screening
Challenges when complying with payment policies:
1. Screen large data volumes
2. Screen data before fraud completes
3. Block suspicious payments & assign alerts to appropriate teams
4. Segregate who can view & resolve alerts: per company, account, transaction code…
5. Monitor the status of alerts
What that takes: automation, real-time screening, workflows, dashboards & KPIs, and integration with existing access rights.
16. 4. Payment Screening
Also critical: detect & monitor potential errors. The same ERP payment file may lead to alerts raised by compliance, fraud and error checks; better to manage them all in one place, isn't it?
Transactions in file | Required check type | Applied check
Payment 1 | Compliance check | The beneficiary is blacklisted!
Payment 2 | Fraud detection | Too many payments to a vendor over the month!
Payment 3 | Error monitoring | Rejected payment due to unknown budget code!
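The four policy rules of slide 14 and the three check types of slide 16, as an added example in Python that is not Kyriba's code: one screener pass over a constructed ERP payment file raises Compliance, Fraud and Error alerts, and two small functions produce the per-check-type count and per-payment disposition a unified alert view would need. The reference data (approved countries, previously paid accounts, a sanctioned name, budget codes, a 50,000 monthly limit per beneficiary) and the block/reject/hold precedence are assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional, Set, Tuple


@dataclass
class Payment:
    pid: str
    beneficiary: str
    bank_account: str                     # beneficiary account on the instruction
    country: str                          # beneficiary bank country, ISO 3166-1 alpha-2
    amount: float
    value_date: date
    from_erp: bool = False                # arrived on an ERP file (rule 2 applies)
    modified_after_import: bool = False
    budget_code: Optional[str] = None


@dataclass
class Alert:
    payment_id: str
    check_type: str                       # "Compliance", "Fraud" or "Error"
    rule: str
    action: str                           # "block", "hold" or "reject"
    detail: str


class PaymentScreener:
    """One pass over a payment file: the four slide-14 rules (Fraud), a sanctions-list
    check (Compliance) and a budget-code check (Error). Reference data is hypothetical."""

    def __init__(self, approved_countries, known_accounts, sanctioned, budget_codes, beneficiary_limit):
        self.approved_countries = set(approved_countries)
        self.known_accounts = set(known_accounts)    # (beneficiary, account) pairs paid before
        self.sanctioned = {s.upper() for s in sanctioned}
        self.budget_codes = set(budget_codes)
        self.limit = beneficiary_limit                # cumulative per beneficiary per calendar month

    def screen(self, payments: List[Payment]) -> List[Alert]:
        alerts: List[Alert] = []
        monthly: Dict[Tuple[str, int, int], float] = defaultdict(float)
        seen: Set[Tuple[str, str]] = set(self.known_accounts)

        def add(p: Payment, check: str, rule: str, action: str, detail: str) -> None:
            alerts.append(Alert(p.pid, check, rule, action, detail))

        for p in sorted(payments, key=lambda x: x.value_date):  # date order keeps running totals honest
            # Compliance: sanctions screening is required, but it does not catch fraud
            if p.beneficiary.upper() in self.sanctioned:
                add(p, "Compliance", "sanctions-list", "block", f"{p.beneficiary} is on a sanctions list")
            # Rule 1: payments only to approved countries
            if p.country not in self.approved_countries:
                add(p, "Fraud", "non-approved-country", "block", f"country {p.country} is not approved")
            # Rule 2: ERP payments are approved or rejected by treasury, never edited
            if p.from_erp and p.modified_after_import:
                add(p, "Fraud", "modified-after-import", "block", "ERP payment changed after import")
            # Rule 3: cumulative amount per beneficiary per calendar month
            key = (p.beneficiary, p.value_date.year, p.value_date.month)
            monthly[key] += p.amount
            if monthly[key] > self.limit:
                add(p, "Fraud", "cumulative-limit", "hold", f"{monthly[key]:.2f} to {p.beneficiary} this month exceeds {self.limit:.2f}")
            # Rule 4: first payment to a new or modified bank account is held for review
            acct = (p.beneficiary, p.bank_account)
            if acct not in seen:
                seen.add(acct)
                add(p, "Fraud", "new-bank-account", "hold", f"first payment to {p.bank_account}")
            # Error monitoring: ERP payments must carry a known budget code
            if p.from_erp and p.budget_code not in self.budget_codes:
                add(p, "Error", "unknown-budget-code", "reject", f"budget code {p.budget_code!r} unknown")
        return alerts


ACTION_RANK = {"block": 3, "reject": 2, "hold": 1}   # precedence is an assumption for this example


def summarize(alerts: List[Alert]) -> Dict[str, int]:
    """Alert count per check type, the KPI a unified alert view would show."""
    counts: Dict[str, int] = defaultdict(int)
    for a in alerts:
        counts[a.check_type] += 1
    return dict(counts)


def disposition(payments: List[Payment], alerts: List[Alert]) -> Dict[str, str]:
    """Worst action raised against each payment; a payment with no alert is released."""
    result = {p.pid: "release" for p in payments}
    for a in alerts:
        if ACTION_RANK[a.action] > ACTION_RANK.get(result[a.payment_id], 0):
            result[a.payment_id] = a.action
    return result


# Constructed sample file and reference data (names and account numbers are made up)
SCREENER = PaymentScreener(approved_countries={"FR", "DE", "US"},
                           known_accounts={("Acme Supplies", "FR7630006000011234567890189")},
                           sanctioned={"Blocked Trading Co"}, budget_codes={"OPEX-100", "CAPEX-200"},
                           beneficiary_limit=50_000.0)
SAMPLE_FILE = [
    Payment("P1", "Acme Supplies", "FR7630006000011234567890189", "FR", 20_000.0, date(2017, 6, 1), True, budget_code="OPEX-100"),
    Payment("P2", "Acme Supplies", "FR7630006000011234567890189", "FR", 35_000.0, date(2017, 6, 15), True, budget_code="OPEX-100"),
    Payment("P3", "Blocked Trading Co", "DE89370400440532013000", "DE", 1_000.0, date(2017, 6, 2), True, budget_code="OPEX-100"),
    Payment("P4", "Acme Supplies", "GB29NWBK60161331926819", "GB", 5_000.0, date(2017, 6, 3), True, True, "OPEX-100"),
    Payment("P5", "Globex Corp", "US-ACCT-7788", "US", 100.0, date(2017, 6, 4), True, budget_code="MISC"),
]
```

Rule 3 runs over the file in value-date order so the running monthly total exists before each payment is judged; rule 4 adds each newly seen account to the reference set so only the first payment to it is held, as the policy states. In the sample, P3 gets both a sanctions hit and a new-account hold, which is why the two checks have to coexist: the sanctions list says nothing about a changed account, and the account rule says nothing about a listed counterparty. P5 ends up "reject" rather than "hold" because the error outranks the review hold under the assumed precedence.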
17. Unified Alert Management: consolidated view over all alerts across Fraud, Compliance, Errors
Kyriba solutions that detect and resolve all types of threats: Control Center module, Fraud Detection module, Payment Screening module.
Alert types covered: suspicious transactions, hits on sanction lists, processing errors.
Shared across them: notifications, real-time alerts, KPIs, resolution workflow.
20. 4 Step Framework: Preventing Payment Fraud
1) Application security – more than UserID/Password
2) Data security – ensuring treasury data is safe
3) Payment controls – standardizing how payments are initiated, approved, and transmitted
4) Payment screening – a) external sanctions lists, b) internal payment policy/scenarios, c) potential payment errors