Your commercial real estate company has always been vulnerable to fraud. Recent research discovered that 88% of companies interviewed were targets of cyber fraud in 2019. However, fraud has continued to increase during today’s COVID-19 and economic challenges.
Companies of all sizes are using non-standard operating processes and procedures as it has become necessary to adapt to new work arrangements. Many, if not all, office staff are working from home. Employees responsible for payments activities may not have access to the same paper-based backup that your business may typically require for payment requests. Similarly, there may be more manual work involved to initiate a payment compared to automated systems with built-in controls. As a result, in an attempt to keep your business running smoothly and minimize payments processing delays, employees may be tempted to shortcut standard controls at the precise time they should be extra vigilant.
The following situations are based on actual schemes that were reported to PNC Real Estate by commercial real estate clients. Have you or your team heard of or been a victim of a fraudulent activity like one of these?
Property Closing – Many different parties may be involved in the commercial loan closing. There may be a flurry of emails from attorneys or other individuals conveying payment instructions, creating the chance for fraud to occur in the payment process. PNC Real Estate is aware of several occasions in which payment instructions were redirected through a compromised email to a fraudster’s account. In addition to a delayed closing, this criminal activity can potentially cause a business to lose millions of dollars.
Check Deposit – Although there has been a rise in electronic payments, 14.5 billion payments were made by check in 2018. This includes both business-to-business payments and business-to-tenant payments. With the expansion of mobile capabilities, it is now possible to deposit checks from your phone. Fraudsters are stealing checks and depositing them from their phone then cashing the check at the local bank before the system is updated, which can create significant losses for the business.
Information Update – Tenant, vendor and employee payment information changes frequently, requiring constant updates, often on a rush basis. This can lead your staff to neglect proper protocols, resulting in a deposit being made to a fraudulent account or a vendor payment being sent directly to the criminal.
Three Tools for Fighting Fraud
The risks above could have been mitigated using treasury management tools and services available through your bank.
- During the loan closing process or when updating system information, account verification services can help identify discrepancies between the beneficiary name on the payment account and your intended beneficiary, allowing you to validate the information before releasing the funds.
- Validating payment requests directly with the purported requester can also help reduce risk. The verification must be by direct contact with a known individual using a known telephone number. It is critical not to verify the payment via email or with the telephone number provided in the email.
- Positive Pay and ACH Positive Pay programs allow you to monitor debits processed for payment against your account and reject unauthorized transactions before losses occur.
As you continue to evaluate your treasury management processes and defend your accounts from fraud, there are two aspects to consider.
First, continue to educate your staff through random testing and training sessions. Awareness of the different types of fraud impacting your industry is the best line of first defense.
Second, confirm that your accounts are utilizing fraud protection tools offered by your financial institutions or insurance companies.