How to Detect and Prevent Business Fraud
For as long as there has been business, there has been business fraud. Although technology has changed the methods, the basic approaches are still the same.
But how do you know when you’re being scammed? And what can you do about it? A mix of high-tech and low-tech solutions, some on the banking side, others that are internal process controls, can help head off the most prevalent types of fraud.
Add Positive Pay to transactions (and move to digital if possible)
If you regularly issue checks, it can be hard to keep track of every transaction. Contact your bank’s treasury management department to add Positive Pay and Payee Positive Pay to your transaction. This service matches the amount, check number, account, and recipient (in the case of Payee Positive Pay) for each check you issue, and flags discrepancies. Check fraud and/or modification, or double-cashing using a mobile app and then in-person within moments, are top fraud methods, so use Positive Pay and move to digital payment if possible.
Set alerts and notifications for unusual transactions
You can set alerts on your accounts to flag certain types of transactions that are more likely to be fraudulent. If you have an account from which you almost never issue a payment, set it to alert you whenever one occurs. Or if certain payees only get certain amounts, flag when a larger payment is issued. If you never send money overseas, get alerted for international transactions. The more you know about your spending patterns, the better you can detect fraud. Not sure how to set these up? Talk to your banker.
Establish a policy of personal confirmation for pay requests
Business email compromise is when a fraudster hacks an executive’s email and sends an urgent request to send payment to an alleged business partner, to buy gift cards and send them to a client, or otherwise distribute urgent funds. In some instances, a person may call pretending to be a known vendor and requesting a change of payment account. Train ALL employees to call the requester or company back using a known phone number for confirmation before completing these types of requests. It’s better to take 30 minutes to confirm a legitimate request than lose money forever.
Regularly review transactions, especially without Positive Pay or alerts
Did you know you only have one day to challenge a fraudulent check cashing? This makes it all the more urgent to keep on top of transactions. Positive Pay and alerts can help you pick up many or even most fraudulent transactions, but if you don’t use those tools, make it a priority to look at transactions daily and follow up on suspicious ones .
An ounce of prevention: Close off simple, common security gaps
Many types of fraud can be stopped with simple precautions. Some scammers steal outgoing mail to get checks they can modify, so simply having a locked mailbox can thwart them. Keep blank checks in a secure area. Use a secure email – free public email is relatively easy to break into and spoof, and often gives scammers calendar access too, so they know when an executive is out of the office. And set up processes that promote security, like splitting payment roles, so one person can set up a payment but not approve it, and another can approve but not set it up.
There is no way to prevent all fraud, but by keeping your awareness high and taking advantage of tools and processes that reduce fraud, you can limit your exposure. Make sure your fraud insurance coverage is large enough and establish fraud detection training with regular tests. Talk to an Alerus business advisor today to learn more about these and other ways to keep your business safer from fraud.