You put your heart, mind, energy, and money into your business. The last thing you want is to leave it vulnerable to fraud. With that in mind, here are 9 tips to help your protect your business.
1. Create a fraud policy
Making a plan to prevent and respond to fraud is a lot easier (and more affordable) than dealing with the consequences. Your policy should cover topics like what actions constitute fraud, how to report suspected fraud, who is responsible for investigating fraud, and confidentiality.
2. Separate employee duties and limit file access
Unfortunately, one of the most common frauds against businesses happens when an employee misuses their influence and access for personal gain. You can help prevent this by requiring more than one person to complete key tasks - like approving payments or writing cheques, and by only giving an employee access to the files they need to do their job and nothing more. That way, you won’t have one employee with sole control and they won’t be able to access information that they don’t need.
3. Use secure payment methods
Cheque fraud is extremely common and it costs businesses a lot of money. Switching to direct deposits or fund transfers makes your payments more secure. Of course, you might not be able to stop using or accepting cheques altogether. If you are using cheques, make sure that access to them is limited and they are stored securely. Also, put a plan in place to monitor cheques, clearing your account daily. You could also consider a cheque imaging solution - scanning or taking a picture of a cheque makes it possible for you to deposit the money automatically.
4. Secure your network
You need to secure your business network so unauthorized people can't connect and possibly access your files or spy on Internet traffic to capture and hijack your online accounts. Here are some actions to consider when making a plan to keep your network secure for yourself, your employees, and your customers:
-
Change default passwords and use longer, stronger, and unique passwords for administrative accounts. Use a strong encryption to increase security on your wireless networks.
-
Keep devices up-to-date with current security patches and use the most recent software version.
-
Turn on all built-in firewalls and make sure they're appropriately configured.
-
Install anti-malware software on all devices.
-
Educate your employees on security best practices.
5. Keep your point-of-sale secure
Protect yourself and your customers by making sure that your point-of-sale (POS) system is 100% secure. If someone can get into your POS they can steal customer records, including payment information.
Make sure all your POS devices are digitally secure:
-
Install passwords that you change regularly
-
Add antivirus software
-
Choose systems that come with end-to-end encryption
-
Don’t connect your POS to external networks
Make sure your POS devices are physically secure:
-
At the end of each day, make sure that every POS device is accounted for
-
Secure POS devices in a location that only select employees have access to
6. Protect your business from email scams and phishing
Business Email Compromise (BEC) scams can be difficult to identify and even harder to recover from. For this reason, understanding BEC scams is imperative to protecting your business.
BEC scams aim to misdirect payments or transmittal of other things of value. They target employees authorized to wire money, pay accounts, or access confidential information. Posing as executives, vendors or suppliers, fraudsters typically correspond via email with an employee of the company and attempt to exploit the employee’s capacity to access information or authorize certain transactions.
Phishing scams continue to be a lucrative business for cyber-criminals. Even business owners or employees who think they’re careful about clicking on links and attachments in emails can be tricked and find their computers have been compromised. Cyber-criminals have become increasingly sophisticated with emails that can look very realistic and authentic.
Be wary of any link or attachment. Unless it’s absolutely clear from the context of an email that the link or attachment is OK, and you are expecting the email, assume that clicking on it could get you in trouble. It’s important to educate your employees on the importance of phishing awareness and keep reminding staffers about the dangers of clicking on the wrong things.
7. Audit your accounts regularly
Doing a daily check of your accounts and statements regularly is a great way to protect against fraud or accounting errors. Occasional non-scheduled audits of your entire business can also help detect fraud - especially in high-risk business areas.
8. Review payroll
Payroll is an area that can be particularly vulnerable to scams and frauds. Here are a few steps you can take to protect yourself:
-
Make sure your payroll processes require HR and your payroll company to confirm deposit accounts with employees
-
Pay using direct deposit or open a separate business account to minimize circulation of your company’s bank account information
-
Use your regular audits to keep an eye out for falsified hours, inflated commissions, and other irregularities
9. Get expert advice
You don’t have to figure it all out by yourself! Talk to a Meridian Credit Union Small Business Advisor or Commercial Banking Relationship Manager about the products and services you can get to help prevent fraud, or just to get some friendly advice.
Talk to a Small Business Advisor or Commercial Banking Relationship Manager
Learn more about protecting yourself
How to prevent e-transfer fraud
Protect yourself against phishing scams
How to create a strong password