Payments-related fraud is startlingly common. In 2012, two-thirds of businesses reported actual or attempted fraud related to payments, according to the Association for Financial Professionals Payments Fraud and Control Survey. The average loss from payment fraud in 2012 was $20,300.
You can’t prevent fraud attempts, but you can reduce the risk. In this case, “an ounce of prevention is worth a pound of cure” because dealing with fraud after the fact is often fruitless. Even if the perpetrator is caught, you may never get your money back. From our vantage point as bankers, here are some important ways you can protect your business.
Preventing check fraud: To protect your business accounts, purchase check stock from known vendors that include built-in security features. Store checks, deposit slips, and statements securely. Establish a policy for employee check orders and reorders. Reconcile accounts daily using online banking. Also, recognize that electronic payments are often more secure, so move to ACH (Automated Clearing House) for payroll, billing and vendor payments.
Preventing electronic payments fraud: Keep criminals from hijacking your ACH payment origination system through malware or “phishing.” Dedicate separate computers for Internet browsing and online banking access. On computers used for banking, block plugins and pop-ups. Also, be sure to keep your software up to date, change employee passwords frequently and reconcile your accounts daily online. Use Positive Pay (an electronic system for comparing cleared items with a file of known issues) and ACH debit filters and blocks to identify suspicious transactions.
You also need to guard against insider fraud. An unscrupulous employee may manipulate ACH files and wire transfers or provide fraudsters with login credentials for a fee. To combat insider threats, implement “dual control” for all payment methods and segregate employee duties. Ensure employees log out of online banking sessions when not in use. Also, never store sensitive information on portable devices.
Establish robust policies and procedures that govern your entire payments process – including prompt reporting of any suspicious transactions. Work with your bank’s treasury management department to ensure sophisticated fraud-prevention methods are in place. Finally, always maintain skepticism!
Sheila Stuyvenberg and Maggie Stauff are treasury management advisors for Madison-based Wisconsin Bank & Trust, and Greg Normington is a treasury management risk manager for Dubuque, Iowa-based WBT parent Heartland Financial USA, Inc.