Wire Fraud New Year’s Resolutions
Finally Get That Manual of Best Practices in Place
Wire fraud is a huge problem for American businesses, with almost $2 Billion reported stolen in 2020 and accounting for a third of all cyber insurance claims. Do you have a written policy and have you educated your team on the mechanics of the crime? If not, you and your business are at risk for wire fraud. Amazingly, the actual number of crimes is much higher than reported, as many companies choose not to report losses as they realize there is little to no hope of recovery or recourse from their cyber and crime policies. Victims quickly realize the path forward is to pay off the loss and limit any reputational damage that comes from the crime. The prevalence of wire fraud has steadily grown every year, hitting a record in 2020, and we anticipate that the amount has only increased for 2021.
We have found most companies have an informal, home brew approach, using email or excel, to authorize wires and lack any written policies and procedures. An ad-hoc process, using email and excel is dangerous with today’s cyber threats and the ever-increasing sophistication of the cyber bad guys. Given increasing sophistication of the bad guys, a constant stream of new vulnerabilities, and prevalence of remote work, using email or excel regularly fails to stop most of the fraud attempts.
What Your Funds Transfer Policy Should Contain
1) Education: Explain the mechanics of the crime, how it is executed and highlight live examples of how the crime is perpetrated in the wild. Many front-line accountants have no direct experience with how this crime works and mistakenly associate it with phishing,
2) Explain the Stakes: Who has liability for lost funds? Is it your company’s P&L or is it one of your vendors, like a banker, 3rd party accountant, or insurance provider? Organizationally everyone must know the answer to this question.
3) Policy Document: This outlines the decision tree and steps taken to release any funds, add a new vendor, or update payment information. It also codifies approvals and who is responsible for the security of your transfers.
4) Reporting Tools: How does leadership hold the team accountable in a transparent and repeatable way.
By documenting steps 1 through 4 in a written manual, you will dramatically increase the security of your transfers and protect your capital and reputation. Knowing the threat, who has liability, and having an accountable process is vital to stopping this crime.
Conduit Security offers robust manuals and our software platform is a “set-up wizard for wires” that ensures all the best practices are followed in a transparent and accountable way. To learn more please contact me at dave@conduitsecurity.com.