How to identify and manage business risks

PayPal Editorial Staff

PayPal Editorial Staff

February 06, 2023

Business owner at her home goods shop working at a pos system.

From inventory to payroll to marketing strategy, there are many facets to running a business. Though it may feel impossible to pinpoint the most critical responsibility on your never-ending list of to-dos, risk management deserves a spot at the top.

How PayPal helps buyers

We know how important security and peace of mind are in online business. Learn more about PayPal Seller Protection here.

So go ahead and set up shop. We've got your back.

What is risk management?

Risk management involves identifying potential risks and developing strategies to both address and minimize their effects. In the business world, risks can be categorized as any event that may create a negative impact on your organization, such as fraudulent transactions, phishing, and more. By implementing the proper protections and measures, businesses can help reduce their likelihood and/or impact.

Why is risk management important?

Without mitigating risks, businesses of all sizes are in danger of suffering serious, far-reaching consequences, from financial and data losses to decreased consumer trust and loyalty. Even worse, if you receive a fraudulent payment, you could be held financially responsible for the loss.

For instance, from 2020 to 2021, reports of online fraud increased by 70 percent, amounting to almost $2.3 billion of losses from imposter scams and almost $400 million from online shopping fraud, according to the Federal Trade Commission.1

Though instances of fraud continue to grow rapidly, there are emerging tools, data-driven protocols, and adaptive risk management solutions that can help prevent risks, protect your business and buyers, and create a positive, trustworthy customer experience from search to checkout.

Risk types for businesses

Before we discuss how to identify, minimize, and prevent payment fraud risks, it’s helpful to understand common risk types that may affect your business, including phishing, chargebacks, and reversals.

Credit card fraud

Credit card fraud involves using an unauthorized credit card or credit card information to make a purchase. This can occur both when a fraudster steals a physical credit card or simply obtains the card information via phishing or data breach. On a positive note, there are proven ways you can reduce the chances of credit card fraud, including signature, billing, and photo ID verification.

Learn more about how to protect against credit card fraud.


What are phishing scams and spoofing attempts? On a basic level, phishing or spoofing is when a scammer impersonates or disguises themselves as a reputable brand. Think of it as an attempt to gain access to your sensitive data via fake emails, websites, text messages, or voicemails.

Get more strategies on how to avoid common e-commerce scams.


What is a chargeback? As the name suggests, a chargeback is a transaction reversal. It occurs when a customer contacts their debit or credit issuer and requests a refund after a completed transaction.

Learn more about chargebacks and how to prevent them.


What is a payment reversal? Similar to what is a chargeback, a payment reversal (sometimes called an ACH return or bank reversal) arises when a request is made for a merchant to reverse a transaction and return the funds back to the method of payment. This request may come from the customer or the bank and is usually filed because of suspected unauthorized use of a bank account.

Learn more about bank reversals and how to prevent them.

How to identify risk

As a business owner, it’s important to not only be aware of the potential for fraud but also take steps to prevent and mitigate risk. In the online payments world, red flags to watch for include unusual or large orders, mismatched billing and shipping addresses, and suspicious email addresses.

Staying vigilant and taking preventive measures can help protect your business. The following are common signs of unusual or scammer activity that may suggest fraud and indicate you should investigate further:

  • Shipping address is in a high-risk country or location that’s known for fraud.
  • An order is larger than normal.
  • You receive an unusually large number of orders during an unusual time of day.
  • You receive an unusually large number of international orders within a short period of time.
  • An order consists of multiple requests for the same item.
  • Several orders from different customers are shipped to the same address.
  • The billing and shipping address don’t match.
  • A customer asks you to change the shipping address after the order has been paid for.
  • You receive multiple credit cards for the same order.
  • A customer asks for rush or overnight shipping.
  • The email address looks suspicious.
  • A customer overpays you.
  • The shipping address looks suspicious.

Learn more about signs of unusual buyer activity, plus common e-commerce scams to avoid.

How to prevent risk

Among the 2.78 million fraud reports in 2021, a majority involved credit and debit cards as well as payment apps or services, amounting to more than $300 million in losses.¹ While it may feel inevitable to businesses, there are steps you can take to minimize the risk of fraud in your operation.

  • Keep an eye on your accounts, transactions, and orders for any suspicious activity, such as mismatched billing and shipping information or anonymous email addresses.
  • Regularly review financial statements.
  • Set purchase limits on the number of orders you accept from customers.
  • Use the address verification system (AVS) as part of your payment processing solution.
  • Require card verification value (CVV) as part of your checkout process.
  • Implement other advanced identity and billing verification practices.
  • Keep all software and systems updated, and use business-grade anti-malware and anti-spyware software.
  • Make a record of transactions that you suspect may be fraudulent or risky.
  • Include your company name prominently on invoices to help customers easily recognize legitimate charges or transactions and reduce chargebacks.
  • Contact customers before their orders ship to confirm order details and allow them to catch any mistakes or errors.
  • Train employees on how to identify and prevent fraud.
  • Consider using advanced fraud prevention tools.

Discover more about fraud management tools and strategies.

Take advantage of PayPal’s risk management features

PayPal’s advanced Fraud Protection technology and Seller Protection on eligible transactions can help businesses guard against fraud and other scams like phishing and identity theft.

Get more information about our risk management solutions.

Was this content helpful?

Sign Up for the PayPal Bootcamp

In partnership with three expert business owners, the PayPal Bootcamp includes practical checklists and a short video loaded with tips to help take your business to the next level.


We’ll use cookies to improve and customize your experience if you continue to browse. Is it OK if we also use cookies to show you personalized ads? Learn more and manage your cookies