Cheryl A. McVay, Certified Treasury Professional (CTP) | Posted on Mar 01, 2016
Cybercrime and other types of fraud continue to impact businesses every day, both in our community and nationwide. Consider the following tactics to protect your business accounts and minimize your risk of being a victim of fraud.
- Practice Daily Reviews: Businesses can no longer wait for a monthly bank statement to arrive. Account activity should be reviewed daily using your bank's online banking system to ensure the validity of all transactions. To mitigate the risk of internal fraud, ensure the person reviewing the account activity is not the same person issuing any checks.
- Protect Account Information: Check fraud continues to be a common occurrence. This is not surprising when you think about the many ways your account number is exposed to others every time you write a check. Why not minimize the number of checks you write by making payments in other ways, such as via ACH payments or using a credit card? You may also utilize separate accounts for important items such as payroll checks in order to isolate the exposure of your account number to a smaller audience. Finally, consider the use of Positive Pay, a fraud prevention product typically offered by your bank. By using issued check data that you upload to the bank, this service verifies all checks presented at the bank for authenticity prior to payment.
Remember to be cautious of fraudulent electronic debits as well. As a business, you only have a 24-hour window to dispute any ACH debits posting to your account. Consider the use of an ACH Debit Block offered by your bank to prevent unauthorized transactions from posting.
- Promote Security Best Practices: Be sure your online banking users are following best practices for online banking access security, which include using strong passwords, not sharing access credentials, not clicking on links in unsolicited emails, and not surfing the internet.
For businesses that use bank services offering the ability to originate online wire transfers or ACH files, make access requirements even stronger by using access codes via phone or security tokens, originating transactions under dual control and also authenticating using security tokens, setting up security alerts to stay informed of transaction activity, and ensuring your bank has set transaction dollar limits that are suitable for your business and serve to minimize risk exposure.
Finally, never act on an email request to send out money without first calling the sender to confirm the authenticity of the request. Be especially careful when the email stresses urgency or confidentiality.
- Provide Education to Employees: Educated employees are your best defense against fraud. Ensure that you are providing your staff with the tools and resources they need to do their job in a safe and secure manner. Hold computer and internet security training on a regular basis. Organize a team within your organization to develop procedures to mitigate fraud. Once in place, be sure all staff members follow these procedures.
Fraudsters are getting smarter and more determined in their efforts, often finding new ways to attack once the door closes on a previous method. Remain vigilant and partner with your bank in your ongoing efforts to keep your business safe from fraud.