Use Electronic Payments

The preceding set of controls relate only to the process of issuing an elec­tronic payment to a supplier or allowing a supplier to debit the company’s bank account, and do not address such problems as unauthorized account debits and the sheer size of potentially incorrect or fraudulent payments. The next controls address these additional issues.

  • Impose an outright debit block on all company accounts. If the com­pany does not wish to incur any risk of having a third party initiate a debit transaction against one of its bank accounts, it can impose a blan­ket debit block on those accounts, thereby preventing debit transactions from posting to a company account. A result of this control is that all electronic payments must be initiated solely by the company, not its trading partners.
  • Request a daily cumulative limit for authorized trading partner debits. Even if a company has installed ACH debit filters that authorize only certain suppliers to initiate an ACH debit, there is still a risk that the employees of an authorized supplier could fraudulently initiate a very large ACH debit. To mitigate this risk, the company’s bank can impose a daily cumulative limit on those suppliers who are allowed to initiate account debits.
  • Request notification of duplicate debits. If a supplier initiates a debit transaction that is identical to one posted in the past day or two, there is an increased risk that this could be a duplicate charge. To reduce the risk of this problem going undetected, have the bank notify the company whenever a duplicate debit is posted or (even better) prior to posting.
  • Use a separate bank account as the source of electronic payments. Be­cause there is a risk of making extremely large fraudulent electronic payments, a useful control is to use a separate bank account as the source of electronic payments, with cash levels kept only high enough to fund those electronic payments made during the normal course of business, based on historical patterns. If an extremely large electronic payment is due to be made, this should initiate additional perusal of the transaction before additional cash is shifted to the account from which the payment will be made. To achieve a greater level of control, the person respon­sible for shifting funds into the electronic payments account should not be the same person who initiates or approves electronic payments.

[tags]electronic payment, wire transfer[/tags]

Pages: 1 2