Financial Fraud Alert: 5 Tools to Protect Your Business

Fraud can present a significant financial risk to small companies. Overall, businesses lose an average 5% of revenues annually due to fraud, according to a survey by the Association of Certified Fraud Examiners.

Unfortunately, many business owners are so wrapped up in day-to-day demands that they don’t take the right steps to prevent or detect fraud, which can take a variety of forms, says Susan Boles, a business consultant in Fayetteville, Arkansas. “It could be an employee or contractor with access to company financial accounts who steals small amounts of money over long periods of time, or it could be a cyberthief who manages to break into the accounts remotely,” she says

Today, affordable and timesaving technologies can help businesses prevent fraud, whether internal or external. Here are five:

1. Password managers. Make sure only people who regularly need to access company financials have access to those accounts. Then use a password manager, such as LastPass or Dashlane, that creates unique, encrypted passwords that are stored in individual virtual “vaults.” Administrators can assign different levels of access to different employees.

2. Multi-factor authentication. In addition to using strong passwords for access to key financial accounts, set up multi-factor authentication, recommends Tim Singleton, president of Strive Technology Consulting in Boulder, Colorado. This requires the bank to email or text you a code to use whenever someone tries logging into the account. Singleton says getting the code by text is generally the most secure route: “If your bank account is compromised by someone, they probably already have your email password,” he says. “It’s harder to steal a phone and access its texts,” especially when the phone is locked with a passcode. If you have very sensitive financial data to protect, consider installing a third-party app or a physical token that gives you secondary account passwords, which change every 30 seconds, Singleton says. Two options: AuthAnvil and the RSA SecurID.

3. Business bank account controls. One key step to preventing employee fraud is establishing financial checks and balances, Boles says. Oversight roles should be divided: For example, one person can be responsible for entering bills that need to be paid, while another employee is responsible for paying them. Many banks offer their small business account holders automated features that can provide better control. These can include setting up account permissions customized to each employee authorized to access the company’s bank account, as well as only allowing payments that are pre-authorized.

4. Bank and credit card alerts. Your bank and credit card company should give you the option to get alerts whenever certain, potentially suspicious, activities occur in your financial accounts. These might include “card not present” transactions on company cards or any bank account withdrawals over a certain dollar amount.

5. Virtual private networks. When you or an employee accesses or sends sensitive information, make sure the networks you’re using are secure from prying eyes. Public Wi-Fi at coffee shops, airports and other public places is prone to snoopers. Having a virtual private network (VPN) allows a user to send and receive data securely. IPVanish, NordVPN and PureVPN are services to consider.

Beyond deploying these technologies, teach employees to spot “phishing” emails in which a fraudster pretends to be a legitimate person (such as a bank representative) seeking financial information.