In this day and age, phishing and e-mail spoofing are very common and it is no longer safe to assume that the information you receive in an e-mail is accurate. One area where we see this result in substantial loss is funds transfer fraud – also referred to as social engineering and cyber crime.
For example, a criminal hacks into one of your executive's email accounts and sends a legitimate-seeming funds transfer request. You comply with the instructions and wire the money to the fraudster's account. A week later, the executive notices the unusual wire transfer – but the funds are long gone!
Implementing a dual control process when making funds transfers can help prevent fraudulent activity. Simply making more individuals within your organization aware of transactions can identify unusual or suspect requests.
In addition, enabling dual control qualifies organizations for Coalition's Funds Transfer Fraud coverage. This provides cover for fraudulent instructions transmitted by electronic means, including through social engineering. Please refer to our policy for full coverage details.
Coalition accepts many processes of dual control, including but not limited to:
- Calling the recipient of the wire transfer to verify the transaction details.
- Verifying the transaction with another executive at the company (preferably in writing).
- Setting up internal controls within your financial institution. One administrator or user enters or creates a payment (ACH batch, wire transfer), and a second administrator or user is then required to review the payment and approve/release the transaction.
If you have any questions or would like a consultation on implementing dual control in your organization, don't hesitate to contact us.