Safeguarding Your Organization from Possible ACH Disbursement Fraud
While the benefits of using Automated Clearing House (ACH) payments for disbursements are numerous (i.e., less expensive than using checks, automated and time efficient), without strong, established internal controls in place, companies can fall victim to nefarious actions by hackers focused on the company’s use of ACH payments. There has been a rise in social engineering schemes by bad actors, particularly at companies where internal controls were either not adequate to mitigate against potential illegal acts or were overridden by management.
Reviewing Current Controls and Implementing New Procedures
Management must be vigilant in an ever-changing cyber environment as hackers become more creative and devious in their efforts to access an organization’s assets or information.
The inherent risks of making ACH payments that can never be fully avoided include identify theft and fraudulent payment information. However, the company can mitigate these risks by regularly reviewing existing internal controls and procedures for best practices and verifying that each disbursement follows established protocols. The suggestions below describe procedures that organizations can use to strengthen controls.
Takeaway
Reviewing your company’s current processes is key to identifying possible weaknesses that exist within your ACH disbursement function. We recommend that this be done at least annually to verify that the internal controls in place are adequate and still relevant and that no other risks have been identified that need to be addressed.
To see past publications please visit our Knowledge Center.
The information presented here should not be construed as legal, tax, accounting, or valuation advice. No one should act on such information without appropriate professional advice and after a thorough examination of the particular situation.