The latest enterprise risk management news from around the world

A survey of chief financial officers (CFOs) at online merchants across 10 countries has found that fraud is on the increase across the board. Commissioned by Ravelin, the survey identified the following growth figures in various areas of fraud risk:

  • Online payment fraud (54 percent)
  • Account takeover (50 percent)
  • Returns and refunds abuse (52 percent)
  • Promotions abuse (52 percent).

The study shows that fraud remains a significant threat for businesses trading online. As a result, finance leaders overwhelmingly expect their fraud teams to grow over the coming months - with a third of respondents agreeing their teams could grow by 20 percent or more.

Entrepreneurial fraudsters

The CFOs and CROs surveyed say the rise of the criminal customer and of professional organised fraudsters has increased substantially over the last 12 months. 57 percent of CFOs polled agreed they are seeing increased evidence of sophisticated ‘fraud as a service’. These schemes involve organized groups buying items using stolen card details, reselling them to customers who are often unaware of their involvement in criminal activity.

The rise of the ‘criminal customer’

The survey finds that merchants’ own customers are almost as likely to commit fraud as organized criminals. Indeed, over a third of finance leaders describe first party frauds including ‘friendly fraud’, returns, and promotions abuse as the number one risk factor facing their business. The high levels of friendly fraud, promotions, and policy abuse, possibly accentuated by the cost of living crisis, mark the rise of the ‘criminal customer’.

The trend seems particularly pronounced among younger age groups. A separate study by fraud agency CIFAS found one in 13 people admitted to involvement in some form of first-party fraud - rising to one in seven among digitally-savvy 16-34 year olds.

Novel forms of payment are harder to challenge

The data also highlights the challenges of fraud relating to buy now pay later (BNPL) schemes and other novel forms of payment.

While debit (63 percent of respondents) and credit cards (68 percent) remain the most common vectors for card fraud, they are the easiest for merchants to successfully challenge in fraud disputes.

On the other hand, methods such as Apple Pay, Google Pay, and BNPL schemes like Klarna are more likely to represent a headache for online merchants regarding dispute resolution. Just five percent of respondents agree they have had success challenging BNPL payment disputes.

Ravelin CEO Martin Sweeney, said: “CFOs at online businesses, who have overall responsibility for fraud, tell us fraud from organized criminals remains a perpetual thorn in their side. But fraud by their own customers runs close behind. They recognise the vast majority of Internet shoppers are scrupulously honest, but recognise they need to be increasingly vigilant for those who are not.

“However, we find that the stock response to growing fraud is to throw more money and resources at it: bigger fraud teams, more processes. This is unsustainable: fraud will continue to grow and mutate, customers will become more demanding, losses will continue to grow.

“CFOs need to get on the front foot managing fraud: using automation to nip fraudulent transactions in the bud, while freeing up their expert human investigators to help minimise profit erosion, inform product development, and help grow the business.”


Ravelin commissioned research provider Qualtrics to carry out an online survey of 1,900 e-commerce leaders from merchants across 10 countries, including CFOs, CTOs, Chief Risk Officers, and fraud and payments managers. Survey participants work for online merchant businesses with more than $50 million in annual revenue.

Read the report ‘Fraud in a short-attention economy’ (PDF).

Want news and features emailed to you?

Signup to our free newsletters and never miss a story.

A website you can trust

The entire Continuity Central website is scanned daily by Sucuri to ensure that no malware exists within the site. This means that you can browse with complete confidence.

Business continuity?

Business continuity can be defined as 'the processes, procedures, decisions and activities to ensure that an organization can continue to function through an operational interruption'. Read more about the basics of business continuity here.

Get the latest news and information sent to you by email

Continuity Central provides a number of free newsletters which are distributed by email. To subscribe click here.