Internal Fraud is the misuse of an organization’s resources or assets conducted by a malicious insider. This individual could be a current or former employee, contractor, or other business relationship who has knowledge of or access to the processes and/or systems within an organization. Due to their knowledge, the fraudster can bypass organizational security measures through legitimate means.
According to the AFP Payments Guide1: Combating Fraud in a Remote Working Environment “A somewhat alarming 2019 study of executives from mid-sized companies, $50 million to $3 billion in annual revenue, by Capital One and Accenture, revealed potential hubris over cybersecurity practices. Respondents said they were overwhelmingly satisfied with their organizations’ current B2B payment security methods, and nearly half (48%) indicated that updating payment security was either not important at the time or not a priority.”
Protecting Your Internal Processes
Ensuring your company has the proper safeguards in place is critical for fraud prevention. A best practice is to have an action plan and clear understanding of the processes that can be implemented to protect your business. Examples include:
- Limit administrator access to systems provided by your bank. This includes, but is not limited to: Online Banking, credit card websites, product portals etc.
- Subsequently, do the same when considering access to internal accounting and database software.
- Two-factor Authentication
Separation of Roles and Responsibilities
- It is recommended to have different departments or individuals reconciling accounts compared to those in charge of payments.
- Require a second approver in Online Banking for all ACH and Wire Origination
Daily Account Reconciliation
- Helps identify suspicious activity, and allows time to catch and prevent unauthorized financial transactions.
- Work with your financial partner to receive helpful tips and tricks surrounding reporting. Reports can be used to audit user access and financial transactions.
- Always store checks in a secure location to prevent unauthorized access.
- Use the most up to date check stock and the available temper-resistant security features, including VOID pantograph. This is when the word VOID appears if a check is scanned or copied, and is an effective measure in preventing check fraud.
12020 AFP Payments Fraud and Control Survey Report.