Sponsored Content
Growing companies go through many transitions: adding staff, expanding their customer base and engaging new suppliers. This growth translates into a need to formalize organizational financial processes, including the treasury function. Prior to evolving into a true middle market company, many organizations operate with the CEO acting as CFO, possibly supported by a bookkeeper and accountant. But as deposits grow and the dollar amounts flowing into and out of the company increase, financial professionals are needed for balance sheet management, payment processing and to provide strategic insight.
While the business growth phase is fast-paced and exciting, innovation and expansion should not overshadow the need for effective risk management. Put simply, adding employees and customers to your roster and engaging in new vendor relationships creates added complexity and exposes an organization to additional risk for breaches, information leaks and fraud – topics that are top-of-mind for most companies.
Combating these risks means that companies need to step up their defenses. While there is no one, guaranteed solution, every participant in the business financial ecosystem – financial institutions, third-party payment processors and companies – must do their part to help prevent and minimize cyberattacks and payments fraud.
While many businesses already have some amount of risk processes in place, a smart organization will look for opportunities to invest in and operationalize their fight against cyber criminals. Among the suggested methods to reduce fraud and cyber risks:
- Take advantage of email or text alerts which can notify the company of payment orders that have been sent from your account
- Review and reconcile bank accounts daily to check for discrepancies, which will help flag suspicious or missing payments or wires almost immediately
- Verify all payment orders or account changes issued by company executives, customers or vendors via phone or in person, instead of relying on email confirmation
- Segregate employee functions:
- No employee should be responsible for both recording and processing a transaction
- Limit the number of people who can authorize purchases
- Set a dollar limit that each person can authorize
- Designate a computer to be used exclusively for banking transactions and restrict all other Internet and email access. Similarly, do not access company financial information on any other computer. Doing so will help block the most common entry point for cyber criminals
- Create strong passwords, change them frequently, and prohibit the use of shared usernames and passwords. Make sure to also update login information if an employee leaves the business
- Take advantage of email or text alerts from your bank, which can notify the company of payments or transfers that have been sent from your account
- Do not click on links in emails that indicate your bank needs you to update account information online. Do not provide password or other authentication credentials over the phone to anyone; it is highly unlikely a financial institution would request that type of information from you
- Conduct background checks on all new hires, including contractors. Many successful cyberattacks leverage someone who is familiar with a company’s systems
- Train and educate employees about fraud and how to spot suspicious emails
- Form and maintain a risk and fraud management committee. Cyber criminals are constantly innovating their techniques and executives need to meet the challenge head-on by staying up-to-date on the latest technological and security solutions
Even the most basic cyber or organizational controls can do a lot to thwart thieves in their tracks. Sometimes good, common sense, such as establishing an open-door policy with the CFO for employees to verbally verify account change requests, can create the greatest impediment. While the steps above will compound to create a more solid security framework, implementing at least one of these best practices in the next 30 days can put your growing company steps ahead of fraudsters.
If you are interested in learning more, please visit https://www.td.com/us/en/commercial-banking/ or contact Phil Daniels at 802-860-5440.