shutterstock-350783378-1-
Ivelin Radkov / shutterstock.com
13 May 2016 Insurance

Pay exactly who you mean to!

Mandate fraud is the diversion of a payment and is a long-standing practice. Its existence has been exposed in recent years due to a number of high profile cases as well as the proliferation of the use of the internet to facilitate payments.

In essence, mandate fraud occurs where a criminal is able to convince an individual or organisation to amend a direct debit, standing order or bank transfer mandate, by purporting to be a legitimate organisation with whom you trade. The practice affects individuals as well as businesses, and since the cost and risk to the criminal are minimal, it cannot be assumed that only large payments are targeted.

All businesses are susceptible to this fraudulent activity, including the shipping industry. Whether it be buying stock, payments for freight charges or purchasing operational commodities, such as fuel, the close management of your suppliers is vital. Failure to perform due diligence throughout each transaction could give rise to significant financial loss, as fraudsters wait in the shadows for the opportunity to strike.

In addition to the direct financial risks associated with mandate fraud, such criminal activity can give rise to far more complex situations through the purchase of the carried cargo for the freight forwarder. The consignee may unwittingly pay funds for cargo into a fraudulent account, which the shipper never receives. In circumstances where the goods are then released against confirmation of a fraudulent wire transfer, liabilities can arise for the freight forwarder. In essence, the cargo has been released without payment.

Online vulnerability

Internet-enabled fraud would appear to know no bounds. For the majority of businesses the fact that correspondence is now mainly conducted over the internet, and in particular by email, exposes victims to criminal activity.

Methods may include the hacking of a business’ email account—there is no obvious sign of this being done, so there is no awareness of the vulnerability. The fraudster can then monitor inbound and outbound email content, waiting for a payment request to be made.

Once a payment has been requested the fraudster can intervene. With surprising ease and speed the fraudster can create a new email account which will be an almost exact copy of the source email from the legitimate company requesting payment. In doing so the fraudster may omit only a dot or dash from the original email address; to the unsuspecting eye, the fraudulent email appears to come from a known, trusted source.

The fraudster will then either provide a spurious reason why the existing bank account may not be used and duly requests that the payment be made to an alternative bank account, or in some cases will simply substitute banking details. In many cases, the slight change in email address is not noticed and the details of the request, appearing to come from a trusted source, are not questioned. The payment is then made to the fraudulent account.

The criminal organisations behind such activity employ sophisticated mechanisms and software programs to distribute the received funds across numerous accounts in a number of jurisdictions almost instantly. The funds are divided into relatively small denominations which afford them a degree of comfort insofar that in any one jurisdiction the authorities are unlikely to dedicate a large resource to tracing the funds. This strategy affords the criminals the benefit of increased complexity through the investigatory process, coupled with a greatly reduced chance of detection and, ultimately, denies the victim recovery of the stolen funds.

Adding to the complexity of identifying such activity and recovering the funds, it is likely that the fraud will not come to your attention until your supplier queries the missing payment. Credit terms may allow a period of up to 90 days, providing a significant window for any fraudster to launder the funds.

Criminals recognise the opportunity presented by particularly busy periods and times when a reduced number of staff may be in place. During such periods, it is reasoned, fewer questions are likely to be raised in relation to what could otherwise be considered unusual requests.

Reducing the risk

Mitigating the risk of mandate fraud is linked directly to both general housekeeping and continuous vigilance. TT Club recommends that all companies:

Already registered?

Login to your account

To request a FREE 2-week trial subscription, please signup.
NOTE - this can take up to 48hrs to be approved.

Two Weeks Free Trial

For multi-user price options, or to check if your company has an existing subscription that we can add you to for FREE, please email Elliot Field at efield@newtonmedia.co.uk or Adrian Tapping at atapping@newtonmedia.co.uk