Fraud is one of the biggest challenges facing the hospitality industry today.
In fact, between 5-6% of the industry’s annual revenue is swallowed by it according to the Association of Certified Fraud Examiners 2022 Report on Occupational Fraud.
Without a comprehensive fraud defense strategy, hotels leave themselves vulnerable. It’s so important for hoteliers to understand each type of external and internal fraud, and how to avoid falling victim.
What Impact Does Fraud Have on a Hotel?
Fraud can have a frightening impact on hotels, damaging both reputation and bottom-line. It can also lead to a loss of your most valuable and loyal customers.
The cost of fraud at a hotel is often significantly more than the original sum lost. Factors like labor and investigation into fraud, chargeback-related expenses, and software security can tack on extra expenses.
How Is Hotel Fraud Evolving?
According to Hotel Management, hotel fraud is evolving in four key ways:
The use of EMV (Europay, Mastercard, and Visa) terminals shifts fraud liability away from the hotel and onto the credit card issuer instead.
A newer challenge for hoteliers is account takeover or loyalty fraud. This is where a fraudster obtains compromised account information to log into a customer’s loyalty account, and swiftly transfer points out. Guests often end up blaming the hotel.
A good number of hotels now use online check-in software, but many systems — especially those within hotel apps — lack the appropriate security, allowing fraudsters to check-in with stolen credentials. Canary Contactless Check-In, on the other hand, is built on top of their industry-leading fraud protection & PCI Compliant infrastructure and implements advanced fraud checks to provide an extra layer of security.
Fraudsters may check that a credit card is still active by booking a hotel reservation to get an authorization. For hotels, this means a high number of fake reservations, no-shows, and missed sales opportunities.
Want to find out how you can decrease hotel fraud by up to 90%?
What Are The Most Common Types of Fraud at Hotels?
It’s a good idea for hoteliers everywhere to acquaint themselves with the various types of fraud that hotels experience. Additionally, it’s important to ensure rank-and-file staff members understand the negative impacts of fraud and know what steps to take to keep it from happening at your property.
External Fraud Examples
External fraud is fraud committed by someone outside of your organization. This could include clients, competitors or vendors. This type of fraud could be committed by an individual, groups of individuals, or organized crime groups, for example.
From Clients
From chargebacks to using someone else’s credit card to pay for a room, there are lots of ways clients could potentially defraud your hotel.
Friendly Fraud
Friendly fraud occurs when someone unknowingly commits fraud by asking for a chargeback after making a transaction at a hotel. This might be because they don’t recognize the payment or simply don’t remember paying for their service.
Prevent it: Have a clear refund and cancellation policy in place and use recognizable billing descriptors on credit card authorization forms (i.e., your hotel’s name as opposed to the name of a management company or hotel group).
Chargeback Fraud
Chargeback fraud, while similar, has a distinct — more malicious — difference. In this scenario, a person knowingly pays for a product then asks for a chargeback. They might want to experience your hotel and keep their money at the end of it.
Prevent it: Use PCI Level-1 compliant digital authorization forms and mobile check-in solutions that deter bad actors from attempting fraud. It’s also wise to train staff to spot unusual bookings and document all conversations over email or otherwise. By presenting a secure front, you can demonstrate to bad actors that there is a high likelihood they’ll be caught.
Fraudulent Prepaid Bookings
This type of fraud could be carried out by individuals or groups posing as travel agents to make advance bookings with compromised credit cards. These bookings are then sold at a higher rate to oblivious travelers.
Reputation damage and financial loss may occur when and if the real cardholder raises a chargeback.
Prevent it: Keep an eye out for customers who use multiple cards, especially if they are declined often. Look at email addresses and make sure they match with the customer’s name.
Want to reduce chargebacks and fraud by up to 90%?
Hotel reservation fraud occurs when organized criminals make a large purchase on a compromised credit card, then cancel the purchase and request a refund to a different account.
Prevent it: Always refund cancellations to the account that made the booking and assess whether the information provided by the customer seems legitimate.
In-Person Refund Fraud
Unguarded point of sale terminals present criminals with an opportunity. Here they will take advantage of a quiet (or busy) front desk and send a refund to their account.
Prevent it: Lock terminals away and install security cameras. Additionally, it’s important to ensure you aren’t keeping any sensitive guest data, like credit card information, behind the desk in a binder or folder.
From Competitors
Competitor fraud can come in two forms: theft of proprietary information or sabotage. If you believe your hotel has fallen victim to one of these two types of fraud, you may want to call in a security specialist to investigate and advise on next steps.
Theft of Information or Industrial Espionage
Theft of information, or industrial espionage, can include business or customer information being stolen from a computer or network by a competitor to gain an advantage. Competitors may secretly employ an insider of your organization to spy for them.
Prevent it: There are several steps you can to prevent your hospitality business from being affected by industrial espionage, including:
Invest in secure data encryption software.
Limit access to sensitive information to only those with a need to know.
Use two-factor authentication and other security measures to protect access to sensitive systems.
Regularly review internal security procedures and test their effectiveness.
Educate employees on the importance of data security and the potential consequences of industrial espionage.
Sabotage
This is where a competitor knowingly sabotages your processes or tools, causing you to suffer a financial loss or hit to your reputation. In extreme circumstances, a competitor may hire what’s known as a click farm to repeatedly click your online ads to waste your budget.
Prevent it: Tighten both physical and digital security, and have your team monitor for any suspicious activity like a sudden streamline of 1-star reviews or ballooning ad spend costs.
From Vendors
While vendor fraud is rarer than client or competitor, it is more likely to impact small- and medium-sized organizations with poor internal purchasing practices. There are a few ways vendors can defraud hotels.
Billing Schemes
Billing schemes are where vendors falsify or alter invoice documents to gain payments that aren’t owed to them.
Prevent it: Use invoice matching methods or invoice automation to check an invoice against a purchase number or goods receipt.
Procurement Fraud
Procurement fraud occurs when employees, vendors, or both find ways to defraud a business throughout any stage of a procurement process. This includes, duplicating invoices, vendors bribing employees, over-billing, or not sending the agreed number of goods.
Prevent it: Do your due diligence during the onboarding process by researching a vendor’s background and financial stability.
Price Fixing
This is where vendors get together to agree on a minimum contract price. In this scenario, your business will end up paying more no matter which vendor you choose. Price fixing schemes can often be identified by employees over time, but can be very hard to uncover in the short term.
Prevent it: Look for suspicious indicators such as if vendors of a certain type announce price increases or decreases at the same time.
Internal Fraud Examples
It’s an unfortunate truth that dishonest employees exist in nearly every organization, hotels included. There are many ways employees can steal money, so let’s look at a few of the most common methods.
Skimming
Cash skimming is one of the most common types of fraud in the hospitality industry. It’s also one of the most straightforward. For example, let’s say a customer in your bar pays for a drink with cash and the bartender pockets the money instead of ringing it up. This is skimming.
There’s also a method called the “short ring” in which a client pays $10 for a cocktail, but the bartender rings it up as $6, pocketing the difference.
Prevent it: Monitor inventory and install cameras. Use an up-to-date POS system that requires manager approval for zero-ring sales, voids or overrides.
Coupon Fraud
Coupon fraud occurs when a customer pays for something full-price, but after the customer leaves, the employee applies a discount from one of the hotel’s advertised coupons and removes that amount from the customer’s payment. Obviously, the bad employee then pockets the difference.
Prevent it: Use an up-to-date POS system that requires manager approval for coupons. Email coupons directly to customers. Investigate staff members who regularly process suspiciously high volumes of coupons.
Inventory Theft
Inventory theft is another very common example of fraud, and can occur in front- or back-of-house. In this scenario, employees steal inventory items such as food from the kitchen, liquor from the bar or cleaning supplies from custodial stations. It can also occur in more subtle situations such as when a bartender pours larger drinks for clients to receive a larger tip.
Prevent it: Install security cameras and perform regular counts of inventory.
7 Ways to Prevent Hotel Fraud
1. Contactless Check-In
Contactless check-in is now a must-have in the eyes of many modern guests, and most hotels today should consider offering it as an option. However, it’s critical that hotels choose their check-in software wisely. Some technology providers offer a more secure solution than others.
Canary Contactless Check-In, for example, protects your hotel from fraud with built-in advanced fraud detection. It is also built on top of Canary's PCI Compliant infrastructure, which means customer data is locked up tight and transactions are secure.
See why Canary won “Best Contactless Check-In” & “Best Cyber Security & Fraud Prevention” solutions in the 2023 Hotel Tech Report Awards!
Comprehensive training programs covering multiple types of fraud will help employees recognize fraud when it occurs, and stop it before it happens.
Some employees may not even realize that certain things are fraud, such as over-pouring drinks for larger tips. Give them examples, and show them the measures you have in place to prevent employee theft.
4. Digital Authorizations & Contracts
Some hotels don’t realize that paper and PDF credit card authorizations forms are no longer PCI Level-1 compliant and breaches can sometimes mean a hefty penalty. Switching from paper to digital authorizations will help you deal with PCI non-compliance issues and reduce fraud.
Canary Digital Authorizations, for example, uses tools like Amount Verification, ID Verification, IP Flagging, and Fraud Algorithm to improve fraud detection and prevention.
You can also go a step further with Canary Digital Contracts which replaces non-compliant paper or PDF forms, and helps you sign contracts faster.
4. Communication & Collaboration
When it comes to reducing fraud, good communication and collaboration is essential.
Through training, enable your workforce to look for potential wrongdoing, and give them multiple ways to report it. Whether it’s in-person or over email, make sure these methods are advertised clearly to your employees. Post notices in staff bathrooms or send out emails.
Let your staff know that even if they have the smallest of suspicions, they should still report it.
5. Manually Review Payments
It’s a good idea to regularly review payments to prevent chargebacks and other types of fraud. If fraud has already occurred, this can help you prevent it in the future.
Here are a few things to look out for when reviewing payments:
Did the customer make a payment with more than one card?
Does the customer have a history of declined payments?
Does the customer’s email address match their name?
Does their information look legitimate?
It seems simple and tedious, but making quick checks like these could save your hotel $10,000’s per year.
6. Check IDs
No matter the client, no matter how loyal, it’s always a good idea to ask them for proof of identity as they check-in or prove a credit card for payment.
Again, it should be noted that Canary Contactless Check-In handles this automatically. Guests must submit their credit card, upload an ID, and sign the hotel's registration card.
7. Be Meticulous With Customer Data Management
With cybercrime and fraud as rife as it is, it’s more important than ever for hotels to assess how and where they store their customer data.
Documents like credit or bank cards, drivers licenses, and passports, are highly sought after documents. In the wrong hands, this information can wreak havoc for a client and for your hotel.
Canary Sensitive Data Management enables travel advisors to securely collect, store and send credit cards and IDs to suppliers with the leading Sensitive Data Management (SDM) solution.
Potential Remedies if You Are Affected by Fraud
While it is possible to recover funds lost to fraud, it’s not always guaranteed. Whether you’ve been a victim of fraud or looking to avoid becoming one, prevention is essential and must be prioritized.
However if/when you are hit with fraud, don’t panic. Follow these three basic steps:
Immediately contact your relevant departments such as accounting or IT.
Report the incident to your local law enforcement.
Collect all documents and information relevant to the case.
Disputing a hotel chargeback is possible, as long as you do your homework and provide the right evidence. You may be charged a fee to dispute the chargeback, however, this will be returned if you win.
Final Thoughts
Failing to protect your hotel or business from fraud can lead to disastrous consequences, including losing loyal customers and revenue. Ensure that you are using the right software, and move away from paper/PDF authorization forms.
It’s also important to not only educate yourself on the different types of fraud in hotels, but also your workforce. Teaching staff how to spot fraud could save you a lot of time and money.
Enhancing the Digital Guest Experience in the Hospitality Industry
Investing in new technology should not force you to deal with a slew of software. That’s why selecting guest experience solutions that integrate with your tech stack is so important.
What Can Guest Experience Management Do for Your Property?
Guest experience management is one of the key elements that sets hotels apart. Learn how to drive satisfaction, loyalty and memorable stays with techniques, technology and more.
Driving Revenue Growth: What is Dynamic Pricing in the Hotel Industry?
As technology continues to evolve, dynamic pricing will likely become even more targeted, letting hotels forecast and respond to market conditions in real-time.