Did you know there is something happening in the business world that could cost you 5 percent of your gross revenue? Did you know it is preventable? According to the Association of Certified Fraud Examiners, U.S. businesses will lose an average of 5 percent of their gross revenues to fraud.
While it is important to stay up to date on fraud trends, it can be a daunting task even for the savviest businesspeople. However, there are simple policies and practices any business can put in place to guard against the most prevalent types of fraud.
Checks may have been around prior to the formation of this country, but their long history does not make them safe. Many people fail to consider that when you write someone a check, you are literally handing them your bank account number. Using other forms of payment, such as ACH or online bill pay, will ensure your payments get into the right hands and nowhere else.
If you must use checks, consider utilizing a fraud prevention product like Positive Pay, which is offered by many banks, and put thoughtful policies in place, including:
• Never leave checks or bank records unattended in order to assist customers.
• Be cautious with the information that can be viewed by passers-by, especially if your desk is by a window.
• Limit the number of employees with access to your checks.
• Any mailed checks should be taken to the post office or placed in a tamper-proof drop box.
• Keep close record of where your checks are, how many you should have, and what the sequence number should be.
• Continuously monitor your accounts for any signs of counterfeit checks.
• Report missing checks or unauthorized activity to your bank immediately.
Business Email Compromise
A banker receives an email from a customer who is the CEO of a successful family-owned business. In the email, she tells the banker that she is tied up in meetings and asks the banker to originate a wire to one of the company's suppliers. She says it is imperative the wire be sent immediately so as not to delay the shipment of some very important merchandise. Although the email came from the customer's email account, the urgency of the request is unusual and raises red flags for the banker. The banker asks the CEO to call the bank, but she insists she cannot leave her meeting. The banker calls her office, and she answers on the first ring, completely unaware that someone had hacked into her email and was impersonating her.
This example is hypothetical, but certainly not fictional. The Business Email Compromise (BEC) scheme happens all the time. Businesses should be proactive to avoid falling victim to this scam by adopting policies such as:
• Prohibiting all electronic wire requests. Require that all payment or fund transfer requests must be verified directly, either face to face or voice to voice.
• Using dual control on any funds transfer requests.
• Training employees to identify red flags in emails such as improper grammar, spelling errors, unknown senders, urgent requests, or unexpected emails containing links.
Securing your finances from within
You hear a lot about how to keep your information secure from external threats, but ensuring your finances are secure inside your business is equally important. While you trust your employees and never expect them to be dishonest, statistics show that internal fraud happens more often than you would think.
Here are a few tips to keep your business secure from within:
• Never leave checks or bank records unattended in your office or in an open space. Ensure these documents are always kept in a secure location and limit access to appointed staff members.
• Limit the number of authorized signers on your accounts.
• Require dual signatures on large check items, which will ensure an employee cannot obtain or distribute significant funds without someone else's knowledge.
• Notify your bank immediately if any signers on the account are going to change. In the event a signer leaves your business, this measure will prevent potential unauthorized access to your accounts in the future.
• Implement procedures and controls internally to keep your accounts, your systems, and your sensitive business information secure. This could include dual control, reconciliation, required consecutive days off for each employee annually, or a simple quality control process.
Instituting procedures and controls will not only protect your business from internal threats, but also allow you to give your employees the trust they need to excel.
Of all the challenges facing business owners today, fraud is one of the costliest, and also one of the most preventable. Ensure your policies do not leave you exposed to potential loss. If you are not sure what you might be missing, consult with experts at your bank, engage with a cybersecurity firm, or seek out other business security professionals.