At American Federal, the security of our business and ag client’s financial information is a priority.
Our investment in fraud monitoring programs helps us protect your accounts and detect when your transactions might be at risk.
Hundreds of thousands of dollars are lost to fraud each year. Fraud can be a serious threat to your bottom line. The good news is you can take steps to stop thieves.
Protect your Business or Farm – Routinely, reconcile and monitor your accounts to detect suspicious activity. Examine statements punctually. Using online statements, viewing check and deposit images online, and paying and receiving bills online can help reduce the risk of identity theft.
Set Up Security Alerts – Alerts monitor the status of your account activities and can be set up to go to email, text, or phone. *
Strengthen Internal Controls – Implement dual controls on all online payment services (online and mobile banking, ACH, wire transfers). Reconcile your business accounts daily to detect suspicious activity. Lock your business checkblank stock and signature stamps, invoices and critical account information in a secure location with limited employee access. Update antivirus and antispyware software and firewalls and apply software patches and security updates regularly. Encrypt files before you transfer them and avoid file sharing, especially files that store passwords and other confidential or sensitive information. Store and encrypt sensitive or confidential information in a secure database on a separate server that is not connected to the Internet.
Protect Access Credentials – Never disclose user IDs, passwords, security questions or codes or other authorization credentials. If you receive an email, text, or phone call claiming to be from a financial institution, asking for your credentials, it is likely fraudulent. Do not respond and contact your local banker immediately.
Educate Employees and Family Members – Train your employees, and family members, if your business is family owned or operated, to never disclose the credentials they use to access your accounts or your online and mobile banking systems. Repeat the instruction often to keep it front of mind.
Keep Authorizations Up to Date – Update signature cards and systems’ access whenever procedures or employees change. When an authorized signer or approver on your accounts leaves your organization, notify your financial institution immediately to have the employee’s name removed from all authorizations. Conduct an annual audit of your bank signature cards, funds transfer agreements, access codes and other authorizations to confirm they are current.
Know the Sender – Do not click on links in emails purporting to be antivirus or antimalware software. Do not download files from unknown sources. Before you act or respond, verify the sender of links and files through independent resources.
Verify Vendors – Require all changes to vendor payment account numbers be made in writing on the vendor’s letterhead. Verify the information with a call to the vendor using a telephone number you have independently obtained. Trust, but always verify before you initiate and approve.
Know your Employees – Following applicable state and federal laws and regulations, perform a credit check and a background review on new employees who have access to your accounts, account records, systems, or cash. Call at least three business references to verify information before you finalize a new hire. Separate accounting and cash management responsibilities, making payables and receivables processing different work positions. Conduct regular audits of financial duties. Contact your insurance provider to determine if your business insurance policy provides coverage for employee dishonesty and fraudulent cyber activity.
Update Mobile Device Security – Use mobility management software to secure and monitor your devices. Use the security features that come with your mobile device, like the keypad lock or phone lock function, when it is not in use, or the “find my phone” or “wipe out memory” functions, if it is lost. Create strong, complex passwords for your systems and accounts by using a combination of uppercase and lowercase letters, numbers and symbols. Never use an account number, Social Security number, date of birth or other private information to create a password. Keep this information private and never share it in a text, phone call or email.
Resource
The Federal Trade Commission (FTC) has released a guide with practical tips and advice to help businesses better secure their data. The Guide, Start With Security – A Guide for Business, draws on more than 50 data security enforcement actions by the FTC against various businesses. The FTC notes that, “The specifics of the cases apply just to those businesses, but each action offers compliance nuggets for other companies to consider.”
* Your mobile carrier’s text messaging and web access charges may apply for text message alerts.