According to the 2016 ACFE Report to the Nations, companies lose an estimated 5% of their revenue annually due to fraud.
To avoid an attack, your Accounts Payable payment system should have multiple levels of security, especially when used for issuing ACH payments. Fraud prevention along with fraud detection strategies embedded in your payment platform and processes should hinder the capability of a "lone wolf attack."
More progressive companies today have levels of access built into your system and for your team. This Thankgiving, lets give thanks for all of the ways your organization is reducing the risks of payment fraud.
If you're not sure of what they are...here are the seven best practices:
1. Positive Pay
If your Accounts Payable Department is issuing paper checks, this tool is useful for creating a file that ensures your bank only accepts checks that match check numbers, dates, dollar amounts and the payees.
2. Separation of Duties
This is critical for larger A/P departments, but very effective in any business setting. By not allowing one person to have too much control over issuing payments, you are able to share the wealth. Having one person input payments, another approve and a third actually issue payments can resolve many security concerns.
3. Multiple Levels of Approval
It’s ideal to have approvals go through multiple levels or at least different approvers, especially for a very large transaction. If necessary, using a second signature for very high dollar check payments can also help. If you’re using an automation software, it should be able to support your organizations existing workflow approvals, so high dollar payments are approved and electronic signatures applied before processing.
4. Secure Data Transmission
It is important to ensure that your payment system will securely transfer data directly to your financial institution or your off-site check print and mail facility. This can be done with SSH File Transfer Protocol, or Secure File Transfer Protocol and the highest security encryption standards. Ideally, these systems should be built into your payment platform.
5. Audit Trail Reporting
This practice is nothing more than an electronic "paper trail." An AP manager or higher authority should be able to go in to see who's creating, approving, issuing and even cashing items. This is a good practice not only for mitigating security concerns, but for also satisfying auditing requirements.
6. Employees Take Vacations
Everyone should want a break from work sometimes. Be mindful of an employee or group of employees in Accounts Payable that never want to take vacation. A hidden agenda may be at work.
7. Always Investigate Email Urgent Requests For Payment
It is beneficial to advise your team that under no circumstances should an URGENT request for a payment be issued without several levels of investigation and authorization. Even when the request appears to be from the CEO, all payments are issued following the protocols recommended above.
These all-important tips secure the safety of your payments process and your organization. It is critical that you reflect on these this holiday, as they are important for keeping your business one step ahead.
If you are not able to follow these practices due to limitations within your systems, then by all means look for alternatives. Learn more about improving your A/P Department's fraud prevention by reading our ebook on Payment Fraud Prevention.
More Articles of Interest:
- Accounts Payable Best Practices