How Banks Can Protect Your Business Against Fraud And Embezzlement

by Ken Eisler

The headlines are glaring: “Theft Charges for 4 With Ties to a Provider of Special Ed.” “Woman Gets 15 Years for Second Embezzlement.” “Embezzlement Suspect Says She Is Sorry for Stealing $160,000.”

Most businesses and owners are shocked at how quickly they can go from being in business to completely out of business. They do not seriously consider that a trusted employee could take their business and turn it completely upside down. So how does a small business turn into an employee’s personal ATM? Unfortunately, it is easy. Many times the employer puts the employee in the situation that allows him or her to steal. Owners typically focus on the everyday work of the business itself and leave the accounting, disbursement of payables and bank deposits to someone else.

Business owners want to think that the employees managing the funds of the business are loyal to them and that they would never do anything to jeopardize the business or the owner. If you believe that the bookkeeper is your friend and would never steal from you, you may be setting yourself up to be the next fraud victim. The problem I have seen in many of my clients’ businesses is the lack of separation of controls – a single individual, the friendly bookkeeper, manages the funds coming in and the funds going out, with very little oversight.
Your banker will have a number of products that can protect you from fraud and embezzlement. Let’s start with the basics. Your bank may have an online banking platform that allows you to proactively manage your account balances, retrieve check images online, create ACH transactions, initiate wire transfers and many other features. What you should be asking your banker is:
• Can I manage account access and abilities to transact online for different users, i.e. one employee can only see balances, whereas only the CFO or owner can initiate a wire transfer?
• Does the system allow for multiple levels of internal company control for ACH and wire transfer payments?
• Does the bank’s online banking access require the use of a “token” – a continuously changing electronic password – to help protect businesses against the threat of online fraud?

 If your bank cannot provide positive answers to these questions, you could be vulnerable.

I was at a loan closing with one of my business bankers with a new bank customer a year ago. During the document signing, the client asked whether I knew why he had to borrow the funds. He then explained to me that he’d had a bookkeeper in his employ for more than 10 years. He trusted her fully and provided her with full rein over the company’s finances. Unfortunately, his trust was misplaced. The employee had been writing checks to herself over the years to the tune of $200,000.

As we closed the loan and began to open his new deposit accounts, I explained the attributes of a positive-pay product that banks can provide. I described how this product can protect the company’s account from fraudulent check activity. Each day the company provides an electronic file with a listing of checks that have been written. Checks that match the issued check information provided by the customer are paid; exceptions are reported back to the customer through the online banking portal for review. The customer can instruct the bank to pay or return the check after the online review. I suggested that he use this service and that he be the person to handle this operation so he never has a repeat of the embezzlement that recently took place.

Another fraud prevention tool your bank may provide is electronic debit protection. This service protects the customer’s account from unauthorized ACH debits. Only ACH debits from the customer’s authorized trading partners are posted to the customer’s checking account. Any unauthorized transactions are returned. You would be amazed at the number of fraudsters who are out there attempting to electronically steal from your accounts.

You may also want to discuss using dual control for certain online transactions. Dual control requires the authorization of more than one person to complete electronic movements of money out of your account. This helps protect customers’ accounts, confidential information and financial health with a layered approach to online security.

These are just a few of the tools your banker should be presenting to you in order to protect you and your business from online fraud, both internal and external. If you have not had this discussion with your banker, you should initiate it as quickly as possible.

Ken Eisler is a senior vice president at First Bank and is group manager for business banking in Missouri, Illinois and Florida. He holds a bachelor’s degree from Rutgers University and an MBA from George Washington University. His office is in Clayton, and he lives in Kirkwood.