Bank fraud remains a real threat for small- and medium-sized businesses (SMBs), according to a recent survey of 1,000 owners of small- and midsized companies by Guardian Analytics, a provider of fraud prevention solutions, and research firm Ponemon Institute.
Almost three-quarters (74 percent) of the survey respondents said their companies had experienced online banking fraud; 52 percent said their firms had been targeted in the past 12 months. The perpetrators were able to transfer funds from the account 73 percent of the time. In about 40 percent of cases, the bank was able to recover some or all of the funds.
At the same time, it appears that business owners – rather than their banks – are the ones most likely to uncover a fraud or attempted fraud. In three-quarters of cases, the businesses caught the fraud or attempted fraud while reviewing the online account. Half the time, the fraud came to light once a vendor or supplier let the company know that the funds in their account(s) were insufficient to cover a payment. In just one-third of the cases did a bank send an automated message. Forty-four percent of the time, a bank representative contacted the company by phone.
Even with the risks, SMBs continue to move more banking transactions online. One-fifth conduct all their transactions online, more than double the rate of just two years ago. While half of small businesses did less than 30 percent of their banking online in 2010, just one-third say the same today. Even more significantly, a majority – 54 percent – of SMBs use mobile devices, including smart phones and tablets to access their bank accounts today. That’s up from 23 percent in 2010.
The convenience offered by mobile devices appears to come at a price. Eleven percent of businesses that use a mobile device to conduct banking transactions experienced a fraud or attempted fraud, compared to nine percent of companies using ACH transactions and ten percent of businesses using wire transfers. Moreover, financial institutions could stop fewer than one-third of mobile fraud attacks.
Many small business owners could do a better job of taking steps to minimize the potential for online banking fraud. Nearly one-fifth – 19 percent – have no fraud-prevention procedures in place. Just 52 percent review and approve outgoing transactions daily; about the same number require multiple approvals on transactions. One step that’s considered key to safely banking online – maintaining a computer dedicated specifically to the task – is in place at only one-quarter of companies.
Along with implementing prudent fraud prevention tactics, SMBs should make sure they understand the fraud prevention tools in place at their banks, as well as the banks’ policies for notifying and reimbursing customers who may have been targeted by a fraud. Business owners and CFOs also should know the fraud prevention steps their banks expect them to take, and the methods their banks use to determine their online banking credentials. For example, would the bank ever send an e-mail or call, asking for a CFO’s or treasurer’s online password?
Both banks and their corporate clients need to take reasonable steps to reduce the likelihood that they’re victims of fraud.