Six Rules for a Strong Fraud Protection Program

1. Protect access credentials

Never give out Internet Banking logins or passwords, or other authorization credentials. If you receive an e-mail, phone call, or text message claiming to be from Heritage Bank, asking for your credentials, it is likely a “phishing” attempt. DO NOT respond to it. Report it to your local Heritage Bank branch immediately.

2. Increase your internal controls

Implement dual custody on all online payment services (ACH, wire transfer, payroll) and self-administration services; reconcile accounts daily to detect suspicious activity; update antivirus and antispyware software and firewalls regularly.

3. Educate your employees

Instruct your employees never to give out the credentials they use to access your online banking systems or accounts. Repeat this message often so it remains top of mind.

Remind your employees of the following:

  • Do not click on links purporting to be antivirus or anti-malware software.
  • Do not download files from peer-to-peer sources or other unknown sources.

4. Know your employees

Perform a credit check and a background check on all new employees who have access to your accounts, account records, or cash. Call at least three references to verify information.

5. Keep authorizations up to date

When an authorized signatory or approver on your accounts leaves your company, notify your Heritage Bank branch location immediately to have that employee’s name removed from all authorizations. Conduct an annual audit of all your bank signature cards, Internet Banking agreements, access codes, and other authorizations to ensure they are current.

6. Know your vendors

Require all changes to vendor payment account numbers to be made in writing on the vendor’s letterhead and verified with a call to the vendor’s telephone number in your files.

BACK

image_pdfimage_print