Keep Your Business Healthy with a Mid-Year Security Check-Up

Nationwide, businesses and individuals have seen an uptick in fraudulent theft attempts this year, and we want to help your business be vigilant and avoid losses. Even though you may be busy facing the challenges of supply disruption and inflationary pressures this year, don’t miss an opportunity for a quick system check of your security procedures to make sure you catch any vulnerabilities before someone else finds them. Here are six places to start:

• Remind every employee to be on the lookout for suspicious emails. Email continues to be the #1 access point for criminals to steal from businesses. We see emails with infectious links arriving right before holiday weekends when employees are either trying to blow through emails before leaving work or logging in remotely. Email subject lines that are most likely to be opened without careful examination include “Staffing update,” “Please read: new vacation schedule,” and the old favorite “Payroll has been delayed.”
• Verify every request to change to billing information. An all-to-common loss scenario we see occurs when a business receives a request from a trading partner to send payment to a new address. The paying company then sends payment in the form of a check, ACH payment, or wire transfer and finds out after the payment is made that the request was fraudulent. The chances to recover payments depends on the individual circumstances, but unfortunately these situations often result in a loss. 
• Get a list of your bank account signers and authorized users and remove any past employees or those whose job duties may no longer require account access. Don’t fall into the habit of allowing employees to share credentials, even during vacations or absences. We allow you to designate unlimited users for no cost, and we assign unique login credentials to every authorized user. 
• Confirm dual control procedures for sensitive account functions. Always consider requiring a second employee to sign off on cash handling, check writing, paying invoices, and electronic payment origination. We see many employers hesitate to implement dual control procedures for fear it will offend a long-time employee, but please remember that dual control procedures protect employees as much as the business. 
• Update your employee contact list. Having all your employees’ cell phone numbers and personal email addresses helps you identify attempts to change payroll details and bogus emails purporting to be from your remote workers. Never change an employee’s direct deposit information without positive confirmation at a known phone number or email address.
• Consider adding Positive Pay and ACH Filter as additional security layers. You get a gold star if you have them already. If you don’t, these services help you identify and act on unauthorized transactions within the allowable time to reverse them. 

Our Treasury Management team would love the opportunity to help you with a drive-by security checkup, and we would be more than willing to sit down and delve a little deeper into your protocols to share best practices. Wishing you and your employees a safe and secure summer!