manage and mitigate your risk

• Utilize Payee Positive Pay
• Utilize Positive Pay/Reverse Positive Pay
• Purchase check stock from known vendors
• Use blank check stock
• Use a high security check printing system
• Know your bank’s process for check destruction and procedures for check fraud detection
• Make sure your bank has invested in a duplicate detection system if you use Remote Deposit Capture

• Review card report daily
• Set transaction limits for corporate card purchases
• Use chip card technology
• Require PIN authorization
• Verify that customer’s ID is authentic

• Institute ACH debit filters and blocks – requests that do not meet a preset criteria are rejected
• Segregate accounts and duties
• Monitor and reconcile transaction accounts daily
• Know your customers and vendors
• Protect sensitive information: mask and encrypt
• Ensure tokens are collected and credentials are changed after employees leave

• Confirm that the client is in the loop when a requested third-party wire transfer is inconsistent with the client’s past activity
• Examine the content of all requests for spelling and grammatical errors and/or overly formal language
• Watch out for requests to change a client’s phone number
• Avoid responding directly to new email correspondence; send your response to a known email address instead
• Confirm requests using the phone number you have on file before sending any forms out
• Establish recurring wire templates, and review them on a regular basis

• Institute dual controls and a separation of duties for payment processes
• Set up dedicated computers for conducting transaction with a bank or payment processor
• Restrict physical access to the payment processing computer (i.e. use a secure room or office)
• Reconcile bank accounts daily
• Separate bank accounts by operating function
• Address exemption items in a timely fashion
• Perform periodic internal/external audits
• Set up an employee hotline to report potential fraud
• Restrict/limit employee internet usage of the organization’s network
• Establish a centralized risk management department
• Institute human review of payment transactions
• Purchase insurance coverage to minimize risk
• Educate staff on risk mitigation and conduct phishing tests
• Set up HR policies for employee hiring and departures
• Do not initiate any payment transactions based solely on email instructions

Subscribe

If you would like to receive more tips and articles like these, please sign up to receive our E-newsletter. Money Matters is a quarterly newsletter exclusively for our business customers. This e-newsletter was created with YOU in mind.

In each issue of Money Matters, you’ll get:

Interesting articles to help you be more successful, information on upcoming events and seminars, profiles of Bank of Tennessee employees, practical tips to enhance your business, and much more.