ECCU Blog

Most everyone knows that an ounce of prevention is worth a pound of cure. This adage is certainly true when combating banking fraud. Prevention is especially important when dealing with a type of fraud known as “corporate account takeover.” Ignore prevention and your ministry could end up dealing with financial loss, negative publicity, and recovery efforts that divert time from kingdom work.

Corporate account takeover occurs when cyber criminals gain control of an organization’s bank account. This commonly happens when malicious software (malware) infects the organization’s computers. This malware is often delivered through very legitimate looking emails with infected links or attachments. Once embedded in a computer, this malware captures personal information and log-on credentials to online banking applications, allowing fraudsters to electronically pilfer money from the unsuspecting organization. It is because of threats like this that ECCU incorporated state-of-the-art security into its new online banking system.

When the Association for Financial Professionals (AFP) conducted a survey in 2010, 14 percent of the respondents had experienced corporate account takeover fraud. While only 2 percent suffered a financial loss, the time wasted to investigate and restore security diverted those organizations from the work they are called to do.

To prevent this kind of fraud, NACHA – The Electronic Payments Association, recommends the following steps:

1. Require dual control for ACH and wire transfer payments. This means that if one person authorizes creation of a payment file, a second person must authorize release of that file.
2. Ensure that all antivirus and security software and hardware for all computers (including laptops) used for online banking and payments are up-to-date.
3. Require that any computers used for online banking and payments are dedicated solely to those activities. This means they are not used for web browsing or social networking and are not connected to an internal network.
4. Monitor and reconcile accounts daily so you can spot fraudulent activity in time to take action.
5. Utilize routine and “red-flag” reporting (i.e., alerts about unusual activity) for transactions.

If your ministry’s bank account falls victim to corporate account takeover, contact your financial institution immediately so they can:

• Disable online access to accounts
• Change online banking passwords
• Open new account(s) as appropriate

Your financial institution should also review all recent transactions and any authorizations on file. Anything suspicious should be cancelled immediately.

What steps has your ministry taken to prevent fraud like corporate account takeover?

Wouldn’t it be great if we never had to worry about dishonesty in the church? Unfortunately, the church is not exempt from becoming the victim of wrongdoing. That’s why it is important to take appropriate measures to ensure that your church isn’t thrust into a negative spotlight resulting in a lost testimony to the world.

Keith Hamilton’s article 10 Ways to Prevent the Embezzlement of Church Funds outlines ten practical and easy to implement steps. From conducting an annual financial review to tracking giving patterns over time, Hamilton illustrates how your church can practice good financial accountability.

What steps is your church taking to prevent embezzlement and other types of fraud?

No one likes to think of the words “fraud” and “church” as having anything to do with one another. Most church leaders probably tremble at the mere thought. Others may shrug and say, “That would never happen in my church.” Unfortunately, the church is not exempt from fraud.

Join Vonna Laue, CPA and partner with Capin Crouse, LLP and John Van Drunen, ECFA vice president and legal counsel, for a 60-minute webinar as they discuss Reducing Fraud in the Church. They will provide important proactive steps your church can take to prevent fraud.

What steps are you taking to prevent fraud in your church?