BUSINESS FRAUD IN THE DIGITAL AGE: PART 5
Your business can adopt some important controls to protect against fraud. This is a partial list and should be the beginning of an ongoing review of exposures and protections.
What are potential controls?
You must have a complex set of defenses to identify and prevent fraud. These should be both operational and technological controls, including:
- Segregation of duties throughout the accounting, sales, and procurement process. In particular, billing, reconciliation, and payment must be separate.
- Requiring multi-approval controls (not two, but three or more) on all payments should be a mandatory practice. Develop and rehearse and absolutely follow a comprehensive plan.
- Immutable user and system audit logs to track activity in your payment system,
- Positive Pay or other affirmative ACH and check payment system – This system matches the date, check number, dollar amount, and account number of each check presented against a list provided by the company to protect against forged, altered, and counterfeit checks. (See footnote below)
- Using Electronic tokens that prevent the sharing of account information.
- Employing other Payee Screening and alert management features.
- Meet with your banks and talk to their security experts, adopt their recommendations, and ask what types of fraudulent circumstances they will stand with you and upon which they will not.
ABOUT THIS SERIES
This article is part of a six-part series on business fraud in the digital age. If you need more information about any of the information in this series, please contact us for more information.