Among the fallout from the COVID-19 pandemic is an increase in fraud and cybersecurity risks in the equipment finance industry in recent months. These threats and recommendations for combatting them were among the critical topics for equipment finance companies discussed during the Equipment Leasing and Finance Association’s April 29 webinar “Cybersecurity and Fraud in the COVID-19 Environment.”
Nearly 400 attendees participated in the detail-packed presentation in which speakers Andrew Cotter, EVP and CIO, Somerset Capital Group, Ltd; Dominic Liberatore, Deputy General Counsel, DLL; and Tom Ware, President, Tom Ware Advisory Services, LLC highlighted key points and provided guidance on how to protect your business and data in an increasingly technology-based environment.
Leasing Fraud
Equipment finance companies need to be more vigilant during the pandemic due to a number of conditions. Among them: high unemployment and shuttered businesses make scammers more motivated to commit fraud. Stay-at-home orders make collateral inspections more difficult to conduct. The classic fraud of pretending to be an established business, whether borrower or dealer, will be easier to commit with people working from home and businesses temporarily closed. Finally, with employees working remotely, communications within equipment finance companies may be more siloed or reduced.
What kinds of fraudulent activity should you be beware of? In commercial equipment finance, one con is to perpetrate a “pump and dump,” when a borrower does two, three or four deals in a row and then disappears. Also, equipment finance lenders are reporting cases of synthetic websites, spoof e-mails and phone numbers, and e-mails being hacked to send fraudulent payment instructions to lenders.
General Tips to Prevent Fraud
The following are among the steps to help identify and prevent total, partial or technical fraud in the COVID-19 environment:
- Temporarily reduce or eliminate automation so that additional checks and balances can be implemented.
- Have a single person review the vendor, collateral, credit and documentation to get a holistic view of the transaction.
- Pull more reports from information providers such as PayNet, Lexis-Nexis, secretaries of state and others for verification of names, addresses and how they change and match up over time.
- Use Google Earth, Satellite View and Street View to determine whether business addresses are visibly legitimate (e.g., not boarded up buildings or P.O. boxes).
- Consider getting the first payment in advance, with a corporate check if possible.
- Monitor the magnitude of fraud at the portfolio level. First payment defaults are a good proxy.
- Carefully monitor performance of vendors and deals over time.
- Question applications for equipment not common for the borrower’s type of business.
- Look more closely at any requests from restaurants, brick-and-mortar retailers, hotels, energy producers and other industries hard hit by pandemic shutdowns.
The Role of e-Signatures and e-Leases
Paperless equipment finance transactions with e-signing and e-leases are more commonplace in the last few years, with ELFA leading the initiative for their adoption. With industry participants working remotely during the pandemic this trend will only continue. Done properly, e-signing and e-leasing are just as secure as paper leases and potentially more so. However, it’s important not to get complacent in the digital world.
Some recommendations for minimizing fraud risk include performing due diligence of the e-sign provider for its signer authentication process, size and overall visibility, and questioning a customer’s selected e-sign service. For equipment finance transactions, it’s important to retain an audit trail through a certificate of completion. Not simply a cover sheet, this is a key document that summarizes who signed the lease, the date and time when signing occurred, and the IP address(es) used.
Cybersecurity
Cybersecurity threats like phishing, malware, ransomware and advanced persistent threats pose more risk in the COVID-19 remote work environment. IT departments scrambled to enable remote access and source equipment, many employees are working from home for the first time and existing plans were insufficient to maintain a viable security posture for such a large shift this quickly. To develop good cybersecurity hygiene, some steps to take include the following:
- Develop a culture of awareness and educate employees about their responsibilities in a remote setting.
- Review your business continuity plans.
- Expand monitoring since cyberattacks are increasing and boundary-protection mechanisms won’t secure users as well when they are working remotely.
- Keep up on patch management and updates.
- Review external relationships and maintain good procurement processes with third parties who will have a door into your network system.
Fraud is a constantly evolving threat. If some component of deal does not feel right, it might not be. Drill down, pick up the phone, go to the customer or perform other due diligence in light of facts and circumstances. And remember, it’s always obvious … in hindsight.
A recording of the webinar and the webinar slides are available at https://www.elfaonline.org/events/elearning/web-seminars
More Webinars to Come
The April 29 webinar was part of ELFA’s “Wednesday Webinar” series designed to help equipment finance professionals navigate the current market and regulatory landscape and anticipate the changing environment in the face of the COVID-19 pandemic. The free webinars include live Q&A sessions so participants can connect with experts and colleagues on the issues they are grappling with. To register for upcoming webinars or view recordings of past events, go to here.