Preventing fraud in the skilled nursing industry

Payment fraud continues to pose a threat across all segments of the economy, and the skilled nursing industry is no exception. While check fraud remains a common threat, cybercrime is a growing phenomenon. The Federal Bureau of Investigation (FBI) reports that complaints about cybercrime of all kinds have grown by 128% over the past five years to over 800,000 in 2022, and financial losses surged even more to $10.3 billion, or about 280%.

Having a financial partner who understands the nature and intricacies of the challenge of cybercrime is critical. In this article, we’ll examine common types of fraud, best practices for skilled nursing operators and how CIBC’s Treasury Services team can provide assistance.

Source: 2023 FBI Internet Crime Report 2022 (PDF, 1.8 MB) Opens in a new window. Includes crimes against individuals.

In phishing, a fraudster sends unsolicited emails, text messages or phone calls pretending to be a well-known organization, such as a bank, with the goal of obtaining financial or login information.

In this scam, the victim delivers goods or services but never receives payment. Or they pay for goods or services, but never receive them. In the latter case, a fraudster may send fake invoices using legal jargon that scares the victim into paying quickly. 

The FBI puts the financial impact of this scam at $2.7 billion in 2022. There are three types of BEC scams.

• Supplier: An email purporting to be from a supplier will provide “updated” payment instructions or new invoices. 
• CEO: An email appearing to come from the CEO asks the recipient to make a new or secret payment.
• Employee: A fake request appearing to come from an employee asks for updates to their payroll or banking information. 

This is an all-encompassing term for theft and fraud committed using a credit card and a variety of other payment mechanisms.

In this scam, malicious software, often downloaded via a link in a malicious email, gains access to the victim’s network. Once on the network, the ransomware will send a copy of the victim’s sensitive data to the fraudster and block access to systems and data. A pop-up message then demands funds in exchange for restored access to the locked files.

Skilled nursing operators can put practices in place to avoid these common forms of fraud.

To reduce fraud via emails and the internet, operators should:

• Validate the legitimacy of email requests by contacting the purported sender of the email using a trusted phone. 
• Examine email addresses, writing styles and spellings. Scammers often use slight differences in domain names that are easily overlooked. 

To minimize fraudulent payments:

• Verify payment instructions, whether received by phone or email. 
• Implement secondary approval on all online payments and administration services. Secondary approval requires two authorized persons to release payments and make user changes.
• Set reasonable transaction limits for each individual online banking user.

To remediate fraudulent payments, operators should take note: Time is critical! Unlike with retail customers, the time to recover losses is limited to minutes.

To protect against fraud more generally: 

• Teach your employees about fraud trends and implement Know Your Client (KYC) procedures. With a better understanding of your clients, your employees will be empowered to recognize fraudulent requests. 
• Ensure that cybersecurity procedures are robust and up to date. 
• Establish strong internal controls over your business data.

We offer a “high-touch” approach to fraud prevention. Because we have the systems and sophistication of a large bank, if a problem arises, we have the knowledge base and resources to address it. 

Internally, we also place a heavy emphasis on fraud prevention. We believe it is everyone’s responsibility, and we make a special effort to recognize employees who have protected our clients from fraudulent transactions.

Here are four ways our Treasury Services team can assist you in preventing payments fraud.

• Check fraud: Our Positive Pay service is an automated check-matching process that compares daily paid items against your issued checks to help you quickly identify fraud.
• Electronic payments fraud: Our Automated Clearing House (ACH) Positive Pay and ACH Debit Block establishes a template for recurring payments, where the beneficiary account and routing numbers cannot be modified.
• Login security: Token and out-of-band authentication prevents your account from being hacked.
• Overall prevention: An annual fraud prevention review is essential to ensure that all necessary controls and procedures are in place and functioning as desired.

Our Healthcare group has been through multiple market cycles and can help you reevaluate your financing needs or find creative solutions that suit your specific business. To learn more, visit our Healthcare banking page. You can also call our professionals at 312-564-1227 Opens your phone app..

All loans and other extensions of credit are subject to prior approval. The CIBC logo is a registered trademark of CIBC, used under license. ©2023 CIBC Bank USA.