[Editor's Note: The following is an excerpt from Financial Management and Accounting for the Construction Industry (Matthew Bender) by David L. Sauerman, Managing Director; Architecture, Engineering and Construction Division; The PrivateBank; Chicago, IL.]
In the 1990s, organized crime was able to steal millions of dollars through extremely organized check fraud rings. The new digital scanning technology allowed criminals to very easily create perfect looking but fraudulent checks on contractors' accounts. Increased diligence in reconciliation and reporting, along with positive pay, helped to mitigate much of this risk.
As technology continued to evolve, the criminals moved on to other forms of electronic fraud, including ACH payments, wire transfers, and phishing. Again, the banking industry and users of banking services fought back with various security measures and have mitigated much of this risk.
The newest wave of technology-driven fraud appears to be coming in the form of illicit spyware and malware which may be infiltrating into the user's systems. Often times, when logging in to the bank's reporting system, the malware in the user's computer redirects the user to a new site, designed to look and feel like the bank's site. There, the false site is able to gather all kinds of user information, including user names and passwords. Certain sites are even sophisticated to the point being able to capture the ever changing secondary passcodes coming from "tokens."
Needless to say, the criminals then use this stolen information to quickly move to the real bank site and order wire transfers or ACH payments out of the client's accounts. Once the money moves from the client account, it is often moved throughout the banking system very quickly until it moves into offshore accounts. These funds are typically very difficult to recover, unless they are spotted and action is taken very quickly. The banking industry and users of banking services continue to develop new defenses against these new and evolving criminal techniques.
Many years ago (in the olden days of banking), it was assumed that any bank fraud (typically things like altered checks) was ultimately the bank's responsibility. As the technology and the associated fraud have continued to evolve, the ultimate liability has become unclear and is swinging towards the user of the services. The banking industry has continued to grow its arsenal of defensive countermeasures and roll out new services and procedures to users in an effort to keep up with the crooks. All of the prevention techniques require a commitment on the part of the contractor to actively manage and continually monitor and reconcile their accounts. If a contractor declines to utilize available fraud prevention services and engage in the active management and monitoring of their accounts, they may discover that any loss from fraud becomes their responsibility.
As technologies continue to evolve and transactions continue to move towards the speed of light, the criminals continue to come up with new tricks. The banking industry and users of banking services are doing well trying to keep pace, but never seem to be able to get ahead.
In summary, it is well worth the time and energy required to spend time with your banker and determine how best to safeguard your company's assets. The cost of not doing so has the potential to be quite large. It is also vital to understand that there is no one set of tools which will forever protect a user from banking fraud. As the strategies of the crooks continue to evolve and change, so must the countermeasures.
Discover the features and benefits of LexisNexis® Tax Center
For quality Tax & Accounting research resources, visit the LexisNexis® Store