What are the most common misconceptions about business bank fraud?
Common Misconception #1: FDIC Insurance Covers Fraud Losses
The short version: FDIC insurance does not cover customer losses in the event of fraud.
The longer version, which includes a brief history lesson of the real purpose of the FDIC.
During the Great Depression, customers ran to their banks to withdraw all of their money from their various accounts. Don’t let Hollywood bank-robbery scenes depicting massive vaults filled with cash fool you, though. Banks don’t hold all of their customers’ deposits in cash in their bank vaults. Some cash is kept on hand, of course, but deposits are used, in part, to fund loans to other customers (your mortgage, for example, is funded in part by deposits held by the bank).
Meanwhile, customers with loans couldn’t pay them back. So, when those with money on deposit withdrew all their funds, banks ran out of cash before everyone was able to withdraw their funds, and as a result, many banks had to close down entirely. If you didn’t get there before the cash was gone and your bank closed, all of your life savings was gone. Sadly, this happened to a lot of people during the Great Depression.
Enter the FDIC. The Federal Deposit Insurance Corporation was created so depositors’ funds would be protected in the event their bank closed.
In other words, the FDIC has nothing to do with fraud on customers’ accounts – it’s simply a way of protecting your deposited funds in the event your bank has to shut its doors.
Common Misconception #2: Business Fraud is Covered Under Regulation E
Regulation E establishes the rights, liabilities and responsibilities of consumers and banks related to electronic funds transfers like debit card and online banking transactions, amongst others.
The protections provided under Reg E are specific to consumers accounts established for personal, family, or household purposes and not business accounts.
So, if someone fraudulently uses the debit card for your personal accounts and you notify your bank in a timely manner, generally your liability is limited. But the same can’t be said for your business accounts.
“We frequently see electronic debits to business accounts our customers did not authorize,” said Lisa Woerpel, IncredibleBank VP of Business Services. But if your business isn’t protected by Reg. E, how can you protect it?
ACH Positive Pay* is a tool that allows businesses to manage and pre-authorize the electronic debits posted to your account, helping businesses identify and even avoid fraudulent electronic transactions on their accounts.
Common Misconception #3: Businesses Have the Same Amount of Time to Report Fraud to Their Bank as Consumers
In fact, while consumers have up to 60 days to report unauthorized activity on their bank accounts (not involving loss or theft of an access device), businesses typically have much less time than that.
Guidelines around ACH fraud fall under a set of rules called the Uniform Commercial Code, or UCC. And while banks must compensate individual consumer accounts for most fraudulent transactions, the UCC expects businesses to be more proactive in the prevention of fraud.
If your personal checking accounts are compromised, you typically have up to 60 days to notify your bank and still get most or all of your money back. Your company, on the other hand, may have as little as one business day to notify the bank before the liability shifts from the bank to the business.
That means if you’re not checking your account daily – yes, every single day – you could take some heavy losses on fraudulent activity.
“We strongly recommend that our customers view their account activity every business day morning and notify the bank of any suspicious transactions prior to 10:00am,” said Woerpel. “After that time frame, the bank has no legal means of returning the item to collect your funds and the business would suffer the loss.”
Similar to ACH Positive Pay, Positive Pay* for check transactions is available as well. Positive Pay for checks allows businesses to upload a file of the checks they have written, and when checks are presented for payment, they are compared against the list of authorized checks provided by the business before payment is sent, protecting businesses from check fraud.
How to Protect Your Business from Fraud
Whether you thought any of the above misconceptions were true or not, you’ll want to take steps to prevent, mitigate and manage fraud on your business accounts.
In addition to the options for Positive Pay for ACH and checks as mentioned above, our team also recommends using online and/or mobile banking* daily, setting up notifications on your accounts to alert you of activity, and being aware of your own fraud risks by using our Business Risk Assessment.
Have more questions about protecting your business accounts? Contact a member of our Business Services team!
*Additional fees, terms, and conditions may apply.