Alert Banner Text Goes Here Alert Banner Text Goes Here Alert Banner Text Goes Here Alert Banner Text Goes Here
What We Do
Since 1989, Bottomline has been modernizing global business payments with connected solutions for more than 800,000 financial institutions and businesses in 92 countries.
AP Automation AP Automation For Real Estate Payments Hub
Payouts Automation Payments Processing Receivables Automation Payments Hub
Paymode Pay Vendors Receive Payments Partner With Us
Connectivity Services Message Transformation & Enrichment Message Vault Risk Solutions
Connectivity Services Message Transformation & Enrichment Message Vault Payments Verification Payments Verification for Businesses
Global Cash Management Hub Digital Banking
Global Cash Management Hub
Who We Serve
Our Company
By Tom Dolan, Head of Revenue NA Corporates, Bottomline
Payment fraud is a constant concern in healthcare, with diverse and insidious attack types wreaking havoc on the industry. With healthcare systems still recovering from the pandemic, providers need the help of fraud and cybercrime specialists, stat.
The most common types of attacks are familiar to every industry. There are Business Email Compromise (BEC) schemes involving fraudulent emails that appear legitimate, tricking recipients into transferring funds to the fraudster’s account. There is the growing shadow of mail and check theft, insider theft, brute force online attacks to steal sensitive data, alarming ransomware threats, and (uniquely for healthcare) false medical vendor invoices.
The healthcare sector is more vulnerable to cyber fraud than other industries by nature, as its wealth of Personal Identifiable Information (PII) and massive payments volume are huge targets. Providers must also adhere to stricter data security protocols like the Health Insurance Portability and Accountability Act (HIPAA). Noncompliance is costly in more ways than one.
The 2024 ‘Trends in Healthcare Payments Annual Report’ from J.P. Morgan Healthcare Payments states that challenges faced by healthcare organizations “were compounded by a year of record-breaking damage from cyberattacks. The impact of cyberattacks on the industry simply cannot be understated as nearly nine out of ten organizations experienced an average of 40 attacks last year, while each attack cost millions of dollars.”
The elevated level of fraud targeting the healthcare sector now requires powerful prevention systems and energetic vigilance to stop losses.
Many Accounts Payable (AP) departments believe their existing controls are robust enough to prevent fraud. However, the rapidly evolving tactics of professional fraudsters often outpace the improvements in internal controls, leaving organizations vulnerable.
For example, the healthcare industry is wide open to ransomware attacks aimed at disrupting services and compromising sensitive data, with the expected and considerable financial cost. According to the IBM Security study, “Cost of a Data Breach Report,” the healthcare industry weighs in with the highest average data breach price tag, at $10.93 million. Beyond reputation and cost impacts, the lingering effects of such incidents underscore the need for stronger cybersecurity and fraud prevention strategies.
Reputational damage is another steep cost of cyber intrusion. The Harvard Business Review wrote that “it is well known that a cyber incident can sink an organization’s stock price, especially in the short term. Publicly traded companies suffered an average decline of 7.5% in their stock values after a data breach.”
How do you prevent these unfortunate outcomes? It starts by knowing the avenues that fraudsters travel.
Public Information
The healthcare sector is currently seeing a wave of mergers and acquisitions (M&A). While these activities aim to drive growth and efficiency, they also create significant distractions for CFOs and AP departments alike. An intense focus on the integration and consolidation of businesses and systems can lead to lapses in monitoring and the outright failure of outmoded fraud prevention systems.
Staff Turnover in Back Office Functions
High turnover rates in back-office functions, including AP departments, pose another risk. Frequent changes in personnel can result in knowledge gaps, inconsistent processes, and weakened fraud detection capabilities. This is especially true if new staff are not trained on cybersecurity measures.
Reliance on Check Payments and Manual Processes
Despite the availability of more secure payment methods, many healthcare organizations still rely heavily on paper check payments. This reliance increases the risk of check fraud and exposes organizations to significant financial losses, especially because checks are a growing source of fraud attempts.
For context, consider this: healthcare organizations can process hundreds of thousands of invoices annually. As the head of one healthcare AP team said, “We have 200 managers manually opening and keying invoices,” but the time to process a single invoice can take up to two weeks. Ardent Partners estimates that some businesses spend close to $13 to process a single invoice, making it inefficient and costly.
Once you know the attack vectors fraudsters will choose, it’s time to fight back.
The short answer is yes. The longer answer is simply a more detailed yes.
Protecting Payments
Digitizing payments via an outsourced payment network offers a robust way to combat fraud. This method of making B2B payments, typically using digital methods like ACH or card, provides advanced security measures and fraud detection technologies, significantly reducing the risk of breaches and theft.
For example, private B2B payment networks can ensure every member business is authenticated and validated. Businesses will often join a B2B payments network and discover quite a few of their existing vendors are both already signed up and protected from impersonation.
Protecting Sensitive Financial Data
AP automation also helps protect sensitive financial data from fraud. Even if a company gets hacked, the bank details of vendors and other sensitive information remain secure due to the stringent security protocols implemented by the best of these providers.
As a bonus, healthcare organizations using AP automation and payment networks don’t need to handle updating their supplier bank account details, which is both a potential fraud vector and a hassle.
"By automating payments and incorporating advanced vendor authentication and fraud detection technologies, healthcare organizations can significantly reduce their risk of payment fraud, said Brad Garfield, Head of Market Management & Client Solutioning at JP Morgan Chase.
“In addition to protecting sensitive financial data, preserving company assets, and safeguarding the organization’s reputation, digitizing supplier payments can simplify core processes and improve the vendor experience. The upside for providers is considerable,” he added.
Ongoing Vendor Authentication
Automated AP solutions include ongoing vendor enrollment, ensuring that all vendors are properly vetted and authenticated before any payments are made. This continuous process helps maintain a secure and trustworthy network of vendors, reducing the risk of fraud.
Suppliers like the fact that B2B payment networks offer easy invoice matching, automated cash reconciliation, compliance controls for visibility of payment-level information, and enhanced speed. A dedicated B2B option tends to win with suppliers and keep them secure, benefiting both sides of the transaction.
Ensuring a Strong Business Continuity Plan
Even with AP automation in place, a strong Business Continuity Plan (BCP) is essential. AP automation providers should help organizations develop and implement robust BCPs, ensuring that critical payment functions continue uninterrupted even in the face of cyber-attacks or other unexpected disruptions.
This proactive approach minimizes downtime and financial losses while enhancing overall security, encouraging innovation and vigilance for healthcare organizations.
Business payments have made huge strides to rid themselves of paper payments since 2020, with organizations turning to companies like J.P. Morgan and Bottomline to bring in secure, speedy digital payments and modernized payment operations. Checks have persisted, but over time that payment method is fading away in favor of secure, digital methods.
Healthcare companies, from hospitals to insurers, continue to struggle with staffing issues and sweeping changes in their organizations and to the larger industry. They can’t control that. What they can control—and eliminate—is the use of paper checks and processes that are risky, costly, and slow.
For companies that haven't made this healthy and essential change, now is the time to cash in on the security and efficiency benefits of digitized B2B payments and processes.
