Digital Age Risk Management: Protecting Business Finances

An unidentifiable person wearing a hoodie and sitting in a dark room works on a laptop.

(Image credit: Getty Images)

The digital era has ushered in a great deal of efficiency and convenience for business finance. Most industries no longer have hundreds of hard-copy checks going in and out of their offices on a monthly basis. Sending and receiving payments can occur with a linked bank account and the click of a button.

But with all that convenience comes financial risk. You can access your accounts with a computer, but so can criminals. Making sure your risk management procedures are up to date can protect your business. Here are three ways to keep an eye on your finances and prevent errors and fraud from sneaking in through the cracks.

If your company is fairly small, it’s not too difficult to keep an eye on your finances. Maybe you just have one or two bank accounts and a single company credit card. In the event that fraudulent credit card charges or unauthorized bank transactions occur, your bank or credit card company should alert you. If they fail to do so, a routine daily check by yourself or an employee will likely enable you to spot errors and fraud quickly.

From just $107.88 $24.99 for Kiplinger Personal Finance

Become a smarter, better informed investor. Subscribe from just ~~$107.88~~ $24.99, plus get up to 4 Special Issues

CLICK FOR FREE ISSUE

https://cdn.mos.cms.futurecdn.net/flexiimages/y99mlvgqmn1763972420.png

Sign up for Kiplinger’s Free Newsletters

Profit and prosper with the best of expert advice on investing, taxes, retirement, personal finance and more - straight to your e-mail.

Profit and prosper with the best of expert advice - straight to your e-mail.

Once your company grows, there can be a great deal more to track. Even a relatively small holding company might have eight bank accounts and 20 credit cards dispersed among various employees and owners. If an owner or a single finance employee is tracking all these accounts, individual transactions can pass unnoticed for days. When a scammer can rack up tens of thousands of dollars of fraudulent charges within hours, time matters.

At least one person, but preferably two, should be signed up for transaction alerts. Individual banks and payment apps often offer this, and you can set notifications according to dollar amount or geographic location. Alternatively, you can sign up for comprehensive monitoring apps that connect to multiple financial institutions. Such solutions give you a central hub to quickly check all your accounts without having to log in to 10 different sites and accounts.

2. Be aware of payee access

You’d think that bank accounts would be one-way. I mean, wouldn’t it be crazy if businesses and other payees could just take money out of your account without asking? Crazy or not, it’s a genuine concern, especially when it comes to payments to and from federal and state governments.

For example, let’s say your business used to operate in California but has moved all services and locations to Missouri. Even though you are completely severed from California, the state might determine that you owe them taxes anyway. And if you have ever paid taxes using your bank account, the state has access to it. If you don’t willingly pay what the state determines you owe, it can freeze your account or just take the funds. Even if you can prove these monies were erroneously taken, it can take months or years to get them back.

That’s why it’s so important to make sure you know which accounts are linked to government entities. If you’re a dentist who contracts with and receives payments from the Department of Veterans Affairs, for example, those funds might travel on a two-way street. That’s why it’s a good idea to have a separate bank account just for government transactions. By doing so, you can keep balances low and not worry about one frozen account crippling your business operations.

3. Prevent employee complacency

When it comes to criminals trying to gain access to your finances, phishing schemes are still a very popular method of attack. In fact, more than 90% of cyberattacks begin with phishing attempts. That includes emails and phone calls trying to trick people into divulging information or clicking on dangerous links. Phishing schemes can range from sophisticated to downright absurd.

A business associate of mine who owned a small CPA firm almost fell victim to a phishing scheme. A new office manager had been contacted by someone claiming to be under contract for annual printer maintenance and ink refills. The vendor said their annual ink refill would cost $650 and forwarded information on where to send the check. The office manager was ready to pay up before she checked previous years’ financials and found no record of the vendor. In reality, the firm always got its refills from a big-box store for about $200 per year.

To reduce your business’ vulnerability to criminal financial attacks, employee vigilance needs to be emphasized and continuous. Briefly touching on phishing and other fraud schemes during an employee’s first week on the job isn’t enough. Over time, employees can become complacent about security procedures. After all, how important can the subject be if it is mentioned once but never talked about again? Bring up cybersecurity and fraud prevention at least once a year during employee reviews and distribute information about new hacking schemes to look out for.

Another simple rule to have in place is to require employees to password-protect their phones. If your employees ever use their personal phone for workplace two-factor authentication, a password is essential. Failing to observe this practice can leave your business vulnerable if an employee’s phone is lost or stolen.

An ounce of prevention

Protecting your company finances mostly consists of prevention and early detection. Putting strong procedures in place is the best thing you can do to keep your hard-earned revenue safe.

Disclaimer

The information provided here is not investment, tax or financial advice. You should consult with a licensed professional for advice concerning your specific situation.