Criminals are compromising emails to steal money from businesses, governments and institutions. Any organization can be a target: businesses of any size as well as health care organizations, education, and local and state governments. Recent headline cases include Ubiquiti Networks, Toyota Boshoku Corporation and Scoular Company. And the U.S. territory Puerto Rico offers a classic … A Classic Case of Vendor Email Compromise
Who would violate OFAC sanctions? Few intentionally. Perhaps a company already doing business with a foreign company before a sanction is put in place. Or just a company without an adequate program to review sanction lists regularly, whether against vendors or customers. (And maybe there are a very few too anxious to grow business in … A Cautionary Tale of OFAC Violations and Mitigations
Appearances and Vendor Payments One of the most iconic scenes in a Hollywood heist movie comes near the end of Ocean’s Eleven. The “team” minus Danny Ocean lean against the balustrade in front of the Bellagio on the Las Vegas strip, quietly gazing at the fountains as Debussy’s beautiful Claire de Lune plays. Then one … Falling for the Illusion of Cybercriminals Will Cost You
ACH has steadily grown, while check payments are declining. Seventy-eight percent of organizations use ACH for some vendor payments. And while 82 percent of organizations still make some payments by check, according to a survey by the Association for Financial Professionals (AFP), the volume of checks by businesses has been steadily declining. According to the Federal … ACH Rising: What It Means for Vendor Information Management
With the pandemic-driven shift to remote work, many organizations moved more check payments to electronic formats, primarily ACH. That has necessitated vendors providing organizations with bank account information. Criminals, of course, go where the money is. And in the hasty shift to more electronic payments and, therefore, more vendors sharing bank account information, many organizations … Two Controls to Protect Vendor Bank Account Information
Do you have controls on managing vendor information and the vendor master file? Do you follow them? Experienced managers will say, “Duh.” However, others can use a reminder, so here it is. “With commerce comes fraud,” says Nathan Blecharczyk, co-founder of Airbnb. The Association of Certified Fraud Examiners (ACFE), in its 2020 Report to the … Why Vendor Controls and Confirmations Are Critical
The arm of the law is not only long but patient and painstaking. This month, the U.S. Department of Justice charged a former account manager for Swedish telecom giant Ericsson with conspiracy to violate the Foreign Corrupt Practices Act (FCPA). The one-time Ericsson employee facilitated the payment of $2 million to two high-ranking officials in … Payables and FCPA Compliance
Managing vendor information entails risk. The vendor master file is the key to vendor payments. Errors in the vendor master can lead to costly mistakes, and the master file is a prime target for fraud. There is also a risk of non-compliance with particular government tax, sanction and exclusion programs. Further, some of the vendor … What Are Your Risks in Vendor Information Management?
Criminals Steal $650,000 from Non-profit Organization. It was a heartbreaking discovery. A non-profit organization paid out an amount equating to 26 percent of its annual revenue over a month in what the organization thought was legitimate project payments. When the executive director later spoke to the group that was to hire architects and engineers for … Anatomy of Business Email Compromise Fraud
Hackers continue a relentless barrage Last December, the U.S. government announced a major cyber breach by Russian hackers. Before we had understood fully the impact of that attack on 18,000 organizations and government agencies, we learned “holes” in Microsoft’s email software led to another compromise of 30,000 U.S. organizations. That attack was by Hafnium, a … Cyber Risk Statistics and the Need to Secure Sensitive Information
Your vendor master file constitutes a critical set of dynamic data. It continually changes through additions, modifications and expiration of active records. Safe practices include getting complete information from a new vendor and adhering to internal controls on access and changes to the vendor master. Because vendor master files are ever-growing, like a garden, they … Unwieldy Vendor Master? To Reduce Risk, Divide and Conquer
Someone is out to get you. Hackers are working full time. And with your team working from home now, you face greater risk. Cyber-criminals are constantly working to find soft spots or weak links in your organization to exploit. And hackers study human behavior and are good at manipulation. When everyone first started working from … Is Your Remote Team Sufficiently Cyber-Security Savvy?
