Banks should be aware of the latest fraud trends, training and encouraging their employees to adopt “a see something, say something” approach to preventing fraud, said Fredrikson & Byron Senior Associate Caitlin Houlton Kuntz.
During her May 6 presentation at the Bank Holding Company Association’s Spring Seminar, Houlton Kuntz said banks must understand the fine details of their cash management agreements and ensure they have implemented multi-factor authentication, transaction limits, call-back procedures and dual, address and IP controls, which allow customers to authorize one computer where online banking can take place. Transactions that do not originate from that computer don’t go through.
Banks can avoid much of their potential liability in cases of fraud by undertaking “commercially reasonable security procedures,” Houlton Kuntz noted. Banks should know what’s on file for their customers, require photo ID, and document security procedures. She called on banks to document any customer refusal to implement those procedures.
Houlton Kuntz said as standards and best practices evolve, banks should regularly review agreements with management and counsel. She also called on banks to fully grasp the components of their cash management agreements, including indemnification, limitation of liability, and disclaimers and acknowledgements. If fraud occurs, Houlton Kuntz said banks should lock down the accounts and verify details, gather affidavits, contact the receiving banks, and notify the FBI and bond carriers.
Kuntz called Positive Pay, an automated cash-management service financial institutions use to deter check fraud, “one of the absolute best fraud prevention tools” for commercial cash management customers. Any check considered suspect under the system is sent back to the issuer for examination.
According to the FBI, Americans lose nearly $7 billion every year to wire fraud. Nearly $2.5 billion was reported lost to business email compromises in 2021. According to a LexisNexis Solutions report earlier this year, cyberattacks increased 20 percent on a year-to-year basis in the financial services industry during the first six months of 2021 and 41 percent from the first part of the year.