manage and mitigate your risk
Ideas on how to protect your business.
The Treasurer’s Security Checklist
1. CHECK FRAUD
• Utilize Payee Positive Pay
• Utilize Positive Pay/Reverse Positive Pay
• Purchase check stock from known vendors
• Use blank check stock
• Use a high security check printing system
• Know your bank’s process for check destruction and procedures for check fraud detection
• Make sure your bank has invested in a duplicate detection system if you use Remote Deposit Capture
2. CARD FRAUD
• Review card report daily
• Set transaction limits for corporate card purchases
• Use chip card technology
• Require PIN authorization
• Verify that customer’s ID is authentic
3. ACH FRAUD
• Institute ACH debit filters and blocks – requests that do not meet a preset criteria are rejected
• Segregate accounts and duties
• Monitor and reconcile transaction accounts daily
• Know your customers and vendors
• Protect sensitive information: mask and encrypt
• Ensure tokens are collected and credentials are changed after employees leave
4. WIRE FRAUD
• Confirm that the client is in the loop when a requested third-party wire transfer is inconsistent with the client’s past activity
• Examine the content of all requests for spelling and grammatical errors and/or overly formal language
• Watch out for requests to change a client’s phone number
• Avoid responding directly to new email correspondence; send your response to a known email address instead
• Confirm requests using the phone number you have on file before sending any forms out
• Establish recurring wire templates, and review them on a regular basis
5. GENERAL INTERNAL CONTROLS
• Institute dual controls and a separation of duties for payment processes
• Set up dedicated computers for conducting transaction with a bank or payment processor
• Restrict physical access to the payment processing computer (i.e. use a secure room or office)
• Reconcile bank accounts daily
• Separate bank accounts by operating function
• Address exemption items in a timely fashion
• Perform periodic internal/external audits
• Set up an employee hotline to report potential fraud
• Restrict/limit employee internet usage of the organization’s network
• Establish a centralized risk management department
• Institute human review of payment transactions
• Purchase insurance coverage to minimize risk
• Educate staff on risk mitigation and conduct phishing tests
• Set up HR policies for employee hiring and departures
• Do not initiate any payment transactions based solely on email instructions
Receive Our Exclusive E-newsletter
Subscribe
If you would like to receive more tips and articles like these, please sign up to receive our E-newsletter. Money Matters is a quarterly newsletter exclusively for our business customers. This e-newsletter was created with YOU in mind.
In each issue of Money Matters, you’ll get:
Interesting articles to help you be more successful, information on upcoming events and seminars, profiles of Bank of Tennessee employees, practical tips to enhance your business, and much more.
Business Tool Kit
Bank of Tennessee wants to help your business succeed. We’ve created this exclusive Business Tool Kit to provide helpful information for our business customers.