Jul 05, 2013 Dave King
More companies continue to launch electronic payment strategies, with automated functions such as ACH cards becoming one of the more preferred methods of managing accounts payable and receivable. Electronic payments have been cited by many experts as the wave of the future for virtually every industry and public sector around the globe.
Automating these processes comes with a variety of benefits, including increased efficiency and accuracy when it comes to vendor and client payments. However, because of the relative novelty of electronic payments, especially the automated functions therein, businesses need to be especially careful when launching a strategy to avoid data breaches and incurred financial losses.
Identity theft and wire fraud have both been on the rise in the United States, and businesses represent the best first line of defense against these crimes. Adequate and consistent oversight of all accounts payable and receivable activity, especially any functions that are regularly conducted in an automated fashion, will decrease the risk of losing money to cyber criminals.
FDIC adviser suggests tips
BankInfoSecurity recently reported that financial institutions, as well as alternative lenders and retailers, need to follow a variety of guidelines when approaching ACH payments and other electronic transactions. The federal government continues to roll out new rules, regulations and best practices of managing financial data and payment transfers for enterprises, and these guidelines should be adhered to in a timely fashion.
The news provider interviewed Amy McHugh, a former federal banking examiner, regarding the best practices of authenticating and securing financial activity conducted over the Internet. Financial institutions have fallen victim to ACH and wire fraud crimes more frequently throughout the past several years, and many have lost lawsuits filed by the associated clients who were victimized.
One of the biggest terms has been "commercially reasonable efforts," which is used to identify which party was responsible for an instance of ACH or wire fraud in lawsuits between organizations and consumers. According to the source, McCugh cited the settlement between People's United Bank and PATCO Construction, which was a major case that lasted several years.
The court found that the financial institution had been using cookie-cutter security solutions that were deemed unacceptable when it comes to adequate oversight and management of data and transaction processing activities. McCugh stated that this was a good example of why enterprises and financial institutions need to go above and beyond the call of duty when securing payment processing policies.
BankInfoSecurity noted that the examiner believed the precedent set in this case, as well as others, will have a major impact on future cases that involve ACH and wire fraud. As a result, she implored financial services providers to hone in on practices and protocols related to vulnerability testing and risk assessments more than once a year.
Finally, the news provider added that any entity which partakes in electronic transactions should clearly communicate authentication and security guidelines to customers. By getting clients involved in the security processes necessary to protect data, financial information can be better protected from the grasps of hackers and other criminals.
Total information governance crucial
While accounts payable and receivable are most often the source of ACH and wire fraud, businesses need to develop stringent and comprehensive information governance policies to defend all financial information. First, Payment Card Industry Data Security Standards should be met immediately, as this will decrease the risk of sanctions and other legal issues.
Advanced monitoring and data security tools should be implemented to patch any vulnerabilities in systems, networks or infrastructure. Finally, experts suggest training all employees in the best practices of Internet use to ensure that staff members do not make costly errors when conducting regular responsibilities.