Person working on a laptop.
One way to keep your business's finances safe is to limit the number of people who can interact with them. Invoices, payments, and inventory should be handled by a specific team. — Getty Images/ Nitat Termmee

Cybercriminals use traditional and sophisticated methods to take over corporate bank accounts, spoof identities, and steal funds. The Federal Deposit Insurance Corporation (FDIC) insures deposits if a participating bank fails. But Investopedia warned, “the banks themselves have no federal guarantee to solvency in the event of a major cyberattack.” In addition, you may have to opt into certain bank account protection and fraud mitigation services to receive assistance during and after a security incident.

Bank fraud prevention starts with your small business. Explore common types of bank fraud and scams to understand how thieves gain access. Then learn how to reduce risks and protect your bank account by strengthening cybersecurity measures and working with your financial institution.

Understand the types of bank fraud

According to LexisNexis Risk Solutions, “Fraudsters are leveraging fake identities, synthetic identities, cyberattacks on account creation or identity spoofing for account takeovers.” Indeed, JPMorgan reported that 71% of businesses “were victims of payments fraud attacks or attempts in 2021.” Its study found that accounts payable departments were most susceptible to business email compromise (BEC) scams.

Types of bank fraud include:

  • Phishing scams: Cybercriminals use social engineering tactics like phishing to steal protected information while pretending to be a trusted institution or employee.
  • Pressure tactics: Fraudsters request payment for unreceived products or services. This method can occur over email, phone, text, or postal mail.
  • Corporate account takeover: Malicious actors gain access to employee credentials and leverage them to manipulate a company’s bank account.
  • Internal fraud: Without sufficient checks and balances, rogue employees can commit payroll or accounting theft.

[Read more: How to Protect Your Business From Phishing Scams]

Review your financial organization’s fraud prevention initiatives

Banks have different agreements and programs to help businesses prevent unauthorized transactions. Learn about the services your institution offers for fraud mitigation and account protection. You may need to enroll in these services or select accounts with improved features. Also, read your account agreement to understand what security measures your business is responsible for. If you fail to implement cybersecurity safeguards, your liability could be higher.

The American Bankers Association (ABA) suggested that business owners look into:

  • Positive Pay or other services offering callbacks.
  • Device authentication.
  • Multi-person approval processes.
  • Batch limits.

One infected device can result in an account takeover.

Tighten your company’s cybersecurity posture

Protecting your business bank account involves improving your company’s cybersecurity. Take a multilayered approach to security by having several ways to detect and defend your systems, including onsite and remote employee hardware and software. Out-of-the-box anti-malware and password management tools can secure basic services, whereas managed cybersecurity services and advanced technologies offer more comprehensive coverage.

Prevent hacking and cyberattacks by:

  • Using email spam filters.
  • Blocking or limiting access to suspicious websites.
  • Leveraging multifactor authentication.
  • Monitoring network traffic.
  • Having an incident response and recovery plan.
  • Updating firmware and software regularly.

[Read more: A Quick Guide to Data Management, Protection, and Storage]

Implement employee cybersecurity training programs

One infected device can result in an account takeover. Suppose an employee’s personal cell phone automatically connects to your business Wi-Fi. If they are hacked at home, your IT infrastructure is compromised once they connect to your network. Likewise, a worker who inadvertently gives out sensitive information can give a cybercriminal the keys to your bank account.

Train your team on the zero trust concept. This idea means no person, business, software program, or device should be blindly trusted. Then follow up with regular, in-depth training on common scams and cyber threats.

Build checks and balances into accounting and payroll systems

Having clear procedures for approving and paying invoices or expenditures reduces the possibility of employee theft and helps you catch human errors quicker. Only a limited number of individuals should be able to pay invoices and place orders. These policies should extend to receiving inventory, ensuring that new stock is physically checked before signing the confirmation form. Accounting programs can help you maintain records, whereas an independent auditor can discover potential vulnerabilities or problems.

CO— aims to bring you inspiration from leading respected experts. However, before making any business decision, you should consult a professional who can advise you based on your individual situation.

CO—is committed to helping you start, run and grow your small business. Learn more about the benefits of small business membership in the U.S. Chamber of Commerce, here.

Published