Corporate Account Takeover: Who is Responsible for Stolen Money? You or your Bank?

What would you do if you suddenly noticed that huge chunks of money had been drained from your business account into an account overseas? Would you be able to get it back? Who is responsible for your loss? You or your bank?

More and more businesses are losing money to cybercriminals who have gained access to their finances through malware on their corporate computers or network. Malware can reach your network a number of ways – like through a phishing email or by visiting an infected website. It could also come from a mobile device when connected to a computer for syncing purposes. Or maybe the business hasn't invested in a strong information security program.

However it happens, once a cyber-thief gains access to your network, they can access your bank account and secretly transfer funds out - and into theirs. They can add fake employees to payroll and steal your customer's sensitive information without your knowing.

Regulation E
Thousands of businesses have fallen victim to this type of fraud, and the losses have ranged from a few thousand to several million dollars. What's more, businesses are finding out the hard way that, unlike consumer bank accounts, their business accounts aren't covered by law under Regulation E.  So when their business account is compromised, they often lose some, if not all of their money.

In an effort to protect businesses from financial fraud, the Federal Financial Institutions Examination Council (FFIEC) has invoked new security guidelines for financial institutions. These guidelines ensure the layering of security technologies. They require the bank to perform risk assessments and provide security education and awareness to their customers.

The question remains, "Who is ultimately responsible for the stolen funds?" The courts are still undecided. But we can be sure that your financial institution is protecting their banking technologies and ensuring the security of your online transactions. However, they cannot protect YOUR computer against attack. Only YOU can do that. Today security is a shared responsibility between you and your financial institution.

How can you protect your business from corporate account takeover?

The best way is to work with your banker to understand the security measures you need within your business and to establish safeguards on your accounts that can help the bank identify and prevent unauthorized access to your funds.  

A shared responsibility between your bank and your business is the most effective way to prevent corporate account takeover. 

These helpful tips are provided by InfoSight Inc, a computer security company that helps ensure the privacy and security of your corporate, personal and financial information.