PrintIn a down economy, it’s more important than ever for businesses to protect themselves against fraud. However, a recent study by Guardian Analytics showed that 56 percent of small and medium businesses surveyed had experienced some type of attempted or actual financial fraud in the past 12 months. Fortunately, there are a number of ways to reduce the risk of your business accounts becoming a target for this type of attack.
First, ensure that your online banking activities are protected. One basic defense here is confirming that your online banking session is secure. Verify that the website address begins with “https” instead of just “http,” and check your browser status bar for a security symbol. Many use a padlock icon to signify that the session is safe. Follow good password protocol such as mixing upper and lowercase letters with numbers and symbols, and change passwords regularly. Don’t click on any links in unsolicited e-mail, even if it looks like it came from your bank. Your bank should pledge to never send you any e-mail requesting data such as passwords or account numbers. And of course, make sure that your computer has regularly updated antivirus and antispyware software installed.
Beyond these basics, use the following best practices to ensure that your online accounts are protected against both internal and external fraud.
- If you’re giving employees access to your accounts, limit access to sensitive functionality such as payment transactions. Be sure that access is removed when employees leave the company.
- Set up your account so that any payments scheduled by one employee must be approved by a separate user. For example, you may have hired a bookkeeper to enter payments on invoices, but someone else should do the approval of the actual payment.
- Set up approval limits around transactions. This can be done by transaction amount, type of transaction, and so on. You can also set up e-mail or mobile notifications to multiple members of your management team if any payments are initiated over a certain amount. Additionally, request notifications of any significant changes in your balances so that any problems can be addressed immediately.
Offline, separation of financial duties is again one important element of preventing fraud. Have more than one person review bank reconciliations, require more than one signature for checks over a set amount, and make sure there is dual control over the physical check stock.
Another important component of fraud prevention is employee education. Hold regularly scheduled training sessions for your employees (if necessary, hire an outside consultant to run the class) to review the methods and warning signs of financial fraud. This training can also cover other types of threats relevant to your company, such as internal and customer data security, network precautions, and on-site safety. The training should give your employees the ability to detect potential fraud and a clear plan for what they should do if they think they’ve spotted a red flag. Not only does this training give your employees tools to detect problems, it also sends them the message that management is aware of the potential for fraud and is actively keeping an eye out for suspect activity.
Finally, you can protect against ACH and wire fraud using a number of methods, such as the following.
- Keep separate accounts by function: You may want to have a different account for collections than you do for your payments to prevent inappropriate activity.
- Use a Universal Payment Identification Code (UPIC) for your accounts receivable activity. This is a dummy code that you can give out so that your partners can transmit payments to you via ACH, but they cannot debit the account.
- Establish wire templates for regular transactions so that information is consistent and correct, and set up alerts on these transactions so that notification goes out on unusual activity.
Financial fraud is one of the greatest dangers business owners face, but with adequate internal controls and external fraud protection established in partnership with your business bank, you can stop unauthorized transactions and prevent losses.
