Mitigating application fraud: the rise of SMBs and commercial loan fraud

Published: December 5, 2022 by Anna Whitener

Mitigating Application Fraud: The rise of SMB's and commercial loan fraud

Small and mid-size businesses, or “SMBs”, serve as the foundation of the nation’s economic vitality. The number, diversity, and significance of SMBs have mushroomed in recent years, with a corresponding growth in the tools and technology available to them.

But, as with SMBs, the commercial lending institutions that service them are also experiencing fluctuating interest rates, payment hierarchy shifts, and competition from other lenders. These growth aspects are conducive for both rapidly growing cash flows and borrowing volumes, but they are also conducive to something more nefarious. With digital transformations still very much underway in many firms, and economic uncertainty looming, one constant remains: Application fraud is relentless, persistent, and always increasing in sophistication.

What’s causing the rise in application fraud?

The growing problem of SMB loan fraud has been keeping compliance and risk management professionals up at night for years. But, to understand how loan and application fraud morphed from primarily a consumer issue into a crisis for commercial lenders, it’s important to understand what led fraudsters to these types of institutions in the first place.

Prior to 2020, credit risk professionals were struggling to process SMB loan applications, and while modernizing that process was something they hoped to tackle further down the line, the COVID-19 pandemic disrupted those plans. In a recent report the SBA identified more than 70,000 potentially fraudulent loans totaling over $4.6 billion were released by August 2020, mere months after the inception of the program. Lenders shored up online applications to handle the millions of PPP loan applications on behalf of the SBA and, naturally, fraudsters saw this as a massive opportunity. They turned their attention towards PPP loans by picking off more diminutive, less sophisticated regional banks and lenders, submitting fraudulent credit applications using false information.

SBA identified more than 70,000 potentially fraudulent loans totaling over $4.6 billion were released by August 2020, mere months after the inception of the program.


When the Recovery Act funds dried up, fraudsters shifted their attention back to larger commercial lenders, using a combination of tactics to defraud them out of loans they had no intention of paying back. In fact, one study found that 98% of B2B businesses reported fraud attacks in 2021, losing on average 3.5% of their annual sales revenues.Commercial lenders began to understand the extent of their vulnerabilities, which prompted a rapid increase in digital transformations, modernizing customer journeys to be more mobile friendly and capable of screening for fraud. And although many had already begun to ramp up their digital transformations, this process ultimately presented them with three distinct problems.

Weak identity screening bodes well for fraudsters

First, the online environment is attractive to fraudsters because they can exploit weaknesses in identity screening technology. So as consumer channels fortified their anti-fraud capabilities, it forced scammers to redirect their efforts and move on to new targets. Looking for big payouts, they turned to commercial lending institutions, who had yet to fully implement proper protections.

Older infrastructure a primary weakness

Second, because many online lending application systems lacked the type of sophistication necessary for real-time, accurate fraud screening, criminals could quickly leverage that lack of sophistication in their favor. As a result, commercial lenders across all industries felt vulnerable, especially those with limited or untrained staff who could not complete thorough manual reviews of suspect applications. As a result, fraud rates among commercial lenders increased dramatically.

Manual application reviews sap resources

Finally, in the wake of this sharp increase in SMB application fraud, many commercial lenders struggled to implement advanced analytics and fraud protection software to combat the growing issue. When Forrester Research polled credit services decision-makers in 2019 for Experian, one of the most interesting findings was the amount of time they spent processing new applications for credit. They spent 41.9 hours a week on average, with 1 in 3 businesses struggling to deploy advanced analytics or automated account reviews:

SMB application fraud: As diverse as the businesses themselves

A common misconception among commercial lenders is that they do not have an SMB fraud problem. For those that do recognize instances of fraud, there is a lack of certainty around how much it affects their bottom line, and what type of fraud it is. So, it’s important to understand what SMB application fraud is, and how it manifests.

SMB application fraud occurs when an individual or set of individuals applies for financial assistance with a commercial lender using deceptive means for personal profit. This deception can occur in several ways, presenting as first-party fraud, third-party fraud, or synthetic fraud and usually impacts commercial lenders during the account opening or onboarding process.

First-party fraud occurs when:
A person willfully misrepresents their personal information to take out credit with no intention of repaying.

Third-party fraud occurs when: A fraudster uses another individual’s personal details without consent to gain credit or steal products.

Synthetic fraud occurs when: An individual uses a combination of true and false personal information to fabricate an identity or application.

SMB application fraud affects commercial lenders across multiple industries, from traditional banking and fintechs, to trade credit, telecommunications, energy, and manufacturing firms. While these lenders range widely in scale, diversity, and sophistication, all are subject to SMB application fraud. One of the reasons fraudsters have disguised themselves as SMBs and increased their targeting of commercial lenders is that most of these institutions don’t have adequate protections to catch instances of fraud at this early stage. As a result, it has already affected the bottom line by the time it becomes clear that a loss was due to fraud.

Commercial lenders engaged in markets with high inherent fraud risk generally understand the safeguards to achieve nominal fraud protection. Still, they seldom have the right solutions in place at the right time. Alternatively, commercial lenders with minimum exposure to SMB application fraud are generally less aware of how these different types of fraud are impacting their revenue.

Consider the following realistic scenarios:

  • Equity Bank Southeast (EQBS) is a large financial services institution with branches and operations from Texas to West Virginia, with roughly $5 billion in assets. EBS facilitates cash management services for individuals and SMBs. Like most other financial services institutions, they were caught off guard by the widespread and rapid impacts of the COVID-19 pandemic and struggled to scale their efforts and fraud protections quickly. They have misclassified fraud losses as credit losses and bad debt, unsure of their true fraud exposure. They are looking for a solution that can integrate seamlessly into their current systems to improve their direct deposit account (DDA) opening and loan application processes.
  • Broadband Communications Inc. is a telecommunication holding firm with close to $450 million in net profits per year. The 2020 shift to remote working proved challenging for them as they struggled to reconcile the number of new customer applications with their diminished workforce. They do not currently have a team dedicated to mitigating fraud, despite observing an increase in losses over the last three consecutive quarters. They are vetting various organizations and solutions to help them establish a comprehensive fraud mitigation strategy, to deter fictitious applications at the onset of account onboarding.
  • Logistical Mechanical Supply (LMS) Inc. is a nationwide supplier of tractors, compressors, boilers, and other mechanical goods to local dealers and contractors. They have struggled in their recent operations to adjust to a more virtual environment with less physical staff and more technology. For example, their SMB application approval processes ran for decades with face-to-face authentication checks, a fitting procedure for a lender dealing with tangible goods and services. However, they noticed a major uptick in losses with less staff available to perform physical checks ahead of equipment deliveries. In addition, a few large-scale shipments have gone missing, resulting in over $850k in losses.

Consider how these businesses approach fraud:

Protecting your business from SMB application fraud

As fraudsters continue to advance in sophistication and awareness, siloed fraud strategies are no longer sufficient, and commercial lenders should consider arming themselves on multiple levels to stay ahead of losses. Without a holistic fraud protection strategy and modern, digital tools in place, commercial lenders are facing a reality of limited business growth and the potential for significant losses in revenue. A recent PYMTS study found that 47% of B2B businesses had chosen not to onboard new clients due to fraud concerns. Of course, developing a comprehensive anti-fraud strategy requires resources and the right tech stack. The same study found that 71% of organizations plan to implement better digital solutions for fraud prevention in the near future.

Commercial lenders will need to remain vigilant to prevent fraudsters from enacting SMB loan scams. Manual, reactive strategies and models with limited scope ultimately cost businesses more in the long run than investment in the right software and strategies. By investing in competitive, automated anti-fraud solutions commercial lenders can eliminate friction with honest customers and prevent unnecessary losses from scammers.

Don’t wait until fraud losses affect your bottom line

Experian can help you. No matter where you are on your journey, Experian is a trusted industry leader in fraud prevention. The new Sentinel™ fraud suite offers solutions specifically designed to help commercial lenders detect entity fraud during the application stage of the customer lifecycle. Backed by industry-leading data repositories containing over 250 million consumer data files and more than 28 million business records, the Sentinel suite works in concert to provide unparalleled coverage and predictive value.

Learn more about the Sentinel Commercial Entity Fraud Suite:

Follow Us!

Subscribe to our blog

Enter your name and email for the latest updates.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

About this blog

The latest insight, tips, and trends on all things related to commercial risk by the team at Experian Business Information Services. Please follow us on social media.

Stay informed by subscribing to this blog

Sign up for email notifications when new content has been published by Experian Business Information Services.
Sign Up