You’d like to think your business is safe from payment fraud and scams. But there are many, sneaky ways that those with ill intent—both inside and outside your organization—can take advantage of your company.
But, by noting the below risks, you can begin to plug any leaky opportunities for fraudulent activities.
Using paper checks
According to this survey of finance professionals, three out of four businesses were victims of check fraud and check forgery in 2016. Yes, you read that right. Seventy-five percent of businesses have been subjected to financial crimes.
The true culprit? Paper checks.
Those little pieces of paper give fraudsters everything they need to steal your money—account number, routing number, and even your bank and address. It’s like handing burglars the key to your house.
Paper checks give culprits multiple ways to strike:
They can print checks populated with your company’s account information and numbers and cash them.
They can “wash” the ink from a check to change the payment information to different recipient names and dollar amounts.
They can use the sensitive information to partake in identity theft and make fraudulent payments or withdraw cash on a whim.
Furthermore, it’s hard to limit check exposure. How many people in your company have access to your check stock or signed checks? When you drop a check in the mail, how many people can see it or take it? What about the recipient? You have no idea who receives the check at a company and all the individuals that have access to that information.
To avoid check forgery, you should move to paperless payment methods such as EFTs, ACH transfers, and more. Using a provider such as Bill.com to conduct digital business payments can help combat fraudulent transactions as it restricts access to crucial banking information and provides elevated levels of security. And if you must use paper checks, Bill.com can help mitigate risk of this type of fraud by applying Positive Pay; the bank or financial institution matches the check issued with the check presented for payment.
No defined workflows
Employees should have clearly articulated roles in any process that can result in payments or transfers. If you lack definition around these critical processes, you’re setting your company up for fraud.
Does your company have written guidelines around payment review and approvals?
Is there a mapped workflow for payments in general?
Are employees trained on these processes and guidelines to recognize skimmers and phishing scammers?
Awareness is one aspect. Execution is another.
Passing paper invoices and checks from hand-to-hand is completely inefficient. It’s hard to track who has seen them, who has approved them, and who has paid them. It’s even more difficult to enforce time-tested rules like the separation of duties. For example, someone who reviews invoices should not be authorized to pay them.
This is where automated fraud prevention comes in. When you move to digital payments and adopt a bill payment solution, you’ll benefit from automated workflows. The system will enforce your guidelines, sending each invoice for review and tracking every step for auditing. No payment will be released until the proper protocol has been followed. No one can access the workflow process unless authorized.
Sharing banking account login information
Don’t give away the keys to the kingdom. Your online bank account is a virtual playground for those bent on ill intent—in your company and outside of it. You should share that information very sparingly—or not at all. It’s too easy for someone with that access to commit accounting fraud.
Once more, here’s where paperless posts come into play. A bill payment solution like Bill.com protects your banking information. Someone can OK a payment without ever accessing the online banking account. The system allows for user-based permissions, which means employees can only see what they need to see. And they rarely—if ever—need to have direct access to your bank account.
Alternatively, Bill.com now offers the ability to pay vendors with cards (i.e., Mastercard, Visa, Amex, or Discover)—even if they don’t usually accept credit cards or debit cards. You only need to enter your debit/credit card information once and go through authentication to start making digital business payments. Vendors will not have visibility into your credit card number, reducing potential stolen credit cards and credit card fraud.
Ignoring fraud prevention tools
You have multiple practices and tools at your fingertips to prevent check and payment fraud. Including:
Use only services that provide positive pay.
If someone leaves the company or is dismissed, make sure their login information is immediately deactivated. Take them off of any systems that might affect payments or other financial activities.
Budget for fraud prevention. A survey by the Association of Certified Fraud Examiners shows that “more than half of companies don’t have budget set aside for fraud prevention or risks.”
Train your employees. They should know what the company’s guidelines and processes are and be aware of standard security protocols to support them. They should also be updated on the latest tricks by hackers.
Consider regular external audits. A third-party auditor may spot red flags or other concerns missed by employees or your accounting team.
Consider regular credit monitoring. The top 3 credit bureaus are TransUnion, Equifax, and Experian—look into receiving regular credit reports from either of them. Have notifications set in place to alert you of suspicious transactions.
Your business is not safe from fraud. It’s time to understand the risks and take action. Remember: Preventative tools are your biggest ally—make sure to use them.