In today’s nonprofit environment, the speed and convenience of moving money and data electronically have become game changers. Nonprofits large and small are more nimble and efficient than at any other point in history.
Yet, while this speed and convenience provide amazing benefits, the downside to all that money and information electronically flowing around is electronic payment fraud.
An unfortunate side effect of tech adoption for nonprofits today is that any kind of electronic transfer of money can be maliciously diverted by a cyber criminal posing as a legitimate payee. And, most often, the vulnerable part of the process is the simple email system we all take for granted.
Fraudsters have become increasingly sophisticated in using email to mimic known entities such as clients, employees, and vendors in order to fool unsuspecting organizations into sending electronic payments. Further, we are even seeing internal emails mimicking coworkers. As such, we counsel all nonprofits large and small to strongly consider the following strategies that can greatly reduce fraud.
First, dual controls act as a great defense against online fraud. By using dual controls, you separate the duties of the employee who enters or creates an electronic funds transfer and the employee who reviews and electronically transmits the electronic funds transfer. Requiring input and approval of a second user before the payment can be sent prevents a single person (who might be tricked by a fraudulent email) from transmitting funds out of your account.
Phone Call Verification
We highly recommend that nonprofits take the additional step of calling the client, vendor, or employee to make sure the email requesting the electronic funds transfer is legitimate. While it may seem low-tech, a quick phone call can be immeasurably effective in reducing fraud.
All nonprofits should endeavor to learn more about fraud prevention technologies and services that can safeguard against electronic theft. This would include the use of security software that protects online banking by prohibiting access to personal information, login credentials or other critical pieces of information. Security software can also protect users while visiting websites. Further, technologies such as Positive Pay and remote deposit can minimize fraud and theft associated with paper checks.
Finally, signing up for alerts, which send communication whenever your bank suspects fraudulent activity, can be a true financial lifesaver.
The bottom line is that criminals work hard to exploit weaknesses in electronic payments in today’s fast-paced world. For nonprofit leaders, becoming a victim can be devastating. Taking the extra steps to add dual controls and fraud prevention technology into your money transfer activities goes a long way toward safeguarding your incredibly valuable assets.