In episode 92 of The Payments Show Podcast, I spoke to Juliana Pereira, who is the SVP of Marketing at Trustmi.
Trustmi is a payment security solution that protects businesses from losing money through cyberattacks, internal collusion, and human error, and ensures payments go to the right place.
AUDIO VERSION: thepayments.show
Episode Highlights:
Detecting and Preventing Invoice Fraud: Safeguarding Your Organisation
… how can you know from an invoice that you receive that that's the right invoice? And it's not a fraudulent one? And you're paying the right person? Well, what we do is with every vendor that you work with, we build what we call a baseline or a digital fingerprint. And so we look at all the communication in the past you've had with that vendor: not just the tone of the communication, but the people involved in the communication, how often are you paying them? Are the invoices being sent? What do the invoices look like? How is that being paid? Everyone who needs to approve it and, when you have to make the payment, all of those details. I mean, it's hundreds of data points.
The Insidious Insider: Internal Collusion Exposed
On the internal collusion side, this gets really interesting… I call it the insidious insider. They are very smart, because as you mentioned, they know the systems, they know how it works, they know the process, they know that Bob is not seeing what John did and approving this without that and they know who has access to what system. So in this case, because we layer into, and integrate into all these different systems within the B2B payment process, we're able to see who uploaded that invoice into the ERP, or entered in the information. And oh look, this person over here, they came in later and they changed the banking details, and then they changed them back after the payment went through. We can see those nuances.
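The change-then-revert pattern described in this highlight can be checked against an ERP audit trail. The sketch below is an added example, not from the episode and not Trustmi's method; the event schema, field names, time window and sample events are all constructed assumptions.

```python
from datetime import datetime, timedelta

# Constructed audit events (hypothetical schema): vendor bank edits and payments.
EVENTS = [
    {"ts": "2024-01-10T10:00", "actor": "onboarding", "vendor": "V-100", "action": "bank_update", "account": "ACCT-A"},
    {"ts": "2024-02-01T09:00", "actor": "ap_clerk1", "vendor": "V-100", "action": "payment", "amount": 12000},
    {"ts": "2024-03-04T17:50", "actor": "ap_clerk2", "vendor": "V-100", "action": "bank_update", "account": "ACCT-B"},
    {"ts": "2024-03-05T11:00", "actor": "ap_clerk1", "vendor": "V-100", "action": "payment", "amount": 48000},
    {"ts": "2024-03-06T08:05", "actor": "ap_clerk2", "vendor": "V-100", "action": "bank_update", "account": "ACCT-A"},
    # A change that is never reverted (e.g. a vendor really switched banks).
    {"ts": "2024-01-15T10:00", "actor": "onboarding", "vendor": "V-200", "action": "bank_update", "account": "ACCT-X"},
    {"ts": "2024-02-20T14:00", "actor": "vendor_mgmt", "vendor": "V-200", "action": "bank_update", "account": "ACCT-Y"},
    {"ts": "2024-03-01T09:30", "actor": "ap_clerk1", "vendor": "V-200", "action": "payment", "amount": 9000},
]

def find_change_and_revert(events, window=timedelta(days=14)):
    """Flag vendors whose bank account was changed, paid, then restored to the old value."""
    findings, state = [], {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        st = state.setdefault(ev["vendor"], {"account": None, "swap": None})
        if ev["action"] == "bank_update":
            swap = st["swap"]
            if swap and ev["account"] == swap["old"]:
                # Reverted to the previous account: suspicious only if money moved meanwhile.
                if swap["payments"] and ts - swap["ts"] <= window:
                    findings.append({
                        "vendor": ev["vendor"], "temp_account": swap["new"],
                        "changed_by": swap["actor"], "reverted_by": ev["actor"],
                        "paid_total": sum(swap["payments"]),
                    })
                st["swap"] = None
            elif st["account"] not in (None, ev["account"]):
                # A real change of existing details: start tracking it.
                st["swap"] = {"old": st["account"], "new": ev["account"],
                              "ts": ts, "actor": ev["actor"], "payments": []}
            st["account"] = ev["account"]
        elif ev["action"] == "payment" and st["swap"]:
            st["swap"]["payments"].append(ev["amount"])
    return findings

if __name__ == "__main__":
    for finding in find_change_and_revert(EVENTS):
        print(finding)
```
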
Catching Fraud in 7 Days from a PoC
For our POC, we are very proud of the fact that we can get up and running very quickly. We can actually start calibrating it within a week, to start gathering data and start showing the historical data. Just give us a data dump from the past year, past two years. We'll use that to calibrate our system to then start building that baseline for the vendors. And then we can look to see if there was an incident or where there were suspicious signals that would have indicated an incident would happen or whatever. And then within the second week, we can already provide an analysis.
I can't name the client, but we showed them in the second week an incident that was a fairly large amount of money on an attempted fraud. And the security team over there didn't believe us. They couldn't believe that we pulled together the entire timeline, something that took them three months as a team to pull together and be able to dissect when it happened. We were able to show it after looking at their data for one week.