by Chris McCulloch
In today’s market it’s quite likely that your company has been targeted by some sort of fraud. In fact, the AFP Payments Fraud and Control Survey reported that 78% of companies were targets of payments fraud last year. As industries become more digitized, fraudsters are coming up with more algorithms and hacks to access companies’ sensitive information.
Here are best practices to help prevent fraud against your company.
ONLINE FRAUD PREVENTION
• Implement dual control and ‘out-of-band’ on all online payment transactions – ACH, wire, etc. Dual control requires a second level of approval to release online payment transactions. Out-of-band is an authentication process that utilizes a secondary device, thereby making it more difficult for fraudsters to access a system.
• Train your employees to never share online banking credentials (usernames, passwords, etc.).
• Never respond with your information to an email, phone call or text message requesting you to urgently activate or update an account. Avoid verifying your identity through a website or by calling a phone number.
• Perform regular system updates ensuring your antivirus, antimalware software and firewalls are up to date. Make sure these programs are always running and perform regular system scans to detect potential security threats.
• Always use trusted websites. Access your Enterprise Bank & Trust accounts and services through our trusted web addresses or mobile app (available in the Apple App Store and Google Play). Always sign in to your accounts using the appropriate web addresses given to you by bank personnel. Never click on a link in an unsolicited email or text message.
• Protect your internal network. Set up internal controls to protect your network and password-encrypt your wireless access. Set up guest Wi-Fi accounts to segregate access to critical systems.
• Do not access your business system in public systems. Utilize stand-alone computers for accessing your online bank systems to help limit fraud risks. A stand-alone computer does not require a local area network (LAN) or wide area network (WAN) to access for general use.
CHECK FRAUD PREVENTION
• Replace check payments with ACH and card payments. Doing so adds a layer of protection against paper-related fraud.
• Implement payee positive pay services on all accounts. Positive pay systems detect fraudulent checks and prevent them from being paid.
• Implement reverse positive pay services on low- volume accounts or when you are not able to submit issue files. This will allow you to verify, approve and pay/return all presented checks manually.
• Keep check issue files and online check registers up-to-date. This easy task helps ensures accuracy.
• Implement dual control with check issuance. Have one employee assigned to create checks and another to verify the checks and send the issue files to the bank.
• Secure check stock, blank checks and fax signatures. Require dual control when accessing these items.
• Shred unused or out-of-date check stock, blank checks and fax signatures. Take this action prior to disposing of these items.
• Track and investigate claims. When a customer, vendor or client claims to have paid a bill but your records do not indicate a payment was made, ensure the check was not intercepted.
Chris A. McCulloch, CFE, is a Corporate Fraud & Physical Security Manager and Senior Vice President for Enterprise Bank & Trust and has served in the fraud industry for more than two decades.
Submitted 5 years 271 days ago