Corporate payments fraud is as high as it ever has been. According to the 2011 Association for Financial Professionals Payments Fraud and Control Survey, 71 percent of organizations polled experienced attempted or actual payments fraud in 2010.
Cyber-criminals use a variety of methods to obtain access to your valid online banking credentials, including mimicking websites, using malware and viruses or using social engineering to defraud employees into revealing sensitive data. Once the account is compromised, these fraudsters are able to electronically steal funds from your business accounts.
Unfortunately, businesses are not subject to the same legal and regulatory protections as individuals who experience losses as a result of fraud. For that reason, it is especially important that businesses are aware and diligent in protecting themselves from online fraud.
So, why are businesses not as protected as individuals? Because individuals have extra rights under what's called Regulation E. It was created to meet the requirements of the Electronic Fund Transfer Act, which establishes the basic rights, liabilities and responsibilities of consumers who use electronic fund-transfer services and of financial institutions like us that offer these services, such as point-of-sale transfers; ATM transfers; direct deposits or withdrawals of funds; transfers initiated by telephone; and debit card transactions.
But businesses are not covered by this regulation, which is why we recommend that you evaluate the risk of fraud, including corporate account takeover, and develop and implement a security plan to prevent and mitigate online risk.