External fraud can freeze card use.

According to AP Now’s 2016 Payment Fraud Survey, 53% of organizations put the freeze on Commercial Cards by limiting or restricting usage due to concerns about external fraud. The frequency at which cards are replaced as a result of a compromise, data breach, or fraud can feed these concerns. As discussed below, the majority of organizations have had cards replaced in the past 12 months. What can you do internally to help reduce external card fraud? Recharged Education, in support of International Fraud Awareness Week this week, shares tips. Read on to learn more. 

Replacement Cards

In recent years, there have been several high-profile cases of data breaches or compromises involving big box stores and others. A common proactive response by providers is cancelling at-risk cards and issuing replacement cards. The graph below from AP Now’s 2016 Payment Fraud Survey (www.ap-now.com) shows the percentage of cards replaced at each respondent’s organization in the past 12 months. (The remaining 16%, not represented in the graph, were not sure about the percentage.)    

Having a card replaced can be inconvenient, especially if the old card was tied to automatic/recurring charges, but it serves as a protection. The process cost of dealing with card closure and reissuance should be minimal compared to the process savings and efficiencies achievable through card usage. You can do the math to verify this assumption, beginning with identifying the tasks associated with replacement cards (e.g., disposal of old card, activation of new card, notification to applicable vendors, etc.). If you need assistance with calculating the process cost, please submit a contact form.

Of course, replacing 2% of cards in a program with 200 cards is quite different than replacing 2% in a 2,000-card program. Regardless of program size, an organization should do what it can to help minimize external fraud.

Before your organization makes the drastic decision to put the freeze on card use, consider the many protective controls and the value of card payments.

Before your organization makes the drastic decision to put the freeze on card use, consider the many protective controls and the value of card payments.

Action Items

In addition to what the industry is collectively doing to protect card payments (e.g., EMV/chip cards, additional technology like biometrics, fraud monitoring, etc.), an end-user organization needs to be diligent.

  • Stress to cardholders the importance of their role in fighting external fraud.
  • Mandate training pertaining to card security; see related blog post.
  • Enforce cardholder review of their transactions at least monthly.
  • Ask cardholders to sign up with the card provider to receive text alerts about suspicious activity.
  • Ensure card policies and procedures instruct cardholders on what to do if they suspect fraud.
  • Audit key aspects of card security. For example, simulate a phishing phone call and see how a cardholder responds. 
  • Stay informed on fraud and emerging threats.  
  • Within supplier contracts, include language about compliance with the Payment Card Industry Data Security Standard (PCI DSS).

International Fraud Awareness Week

November 13–19, 2016

Learn more about this week, including downloading 5 fraud tips every business leader should act on and viewing a special promotion by Recharged Education on its P-Card Risk Assessment Template.  

About the Author

Blog post author Lynn Larson, CPCP, is the founder of Recharged Education. With more than 15 years of Commercial Card experience, her mission is to make industry education readily accessible to all. Learn more

Subscribe to the Blog

Receive notice of new blog posts.