You probably need to think again.
Guardian Analytics provides online banking, anti-fraud and identity theft products and services. CEO Terry Austin is making some important points about your business's rights and responsibilities in terms of business banking fraud, and, refreshingly, he's doing so without over-hyping his company.
Certainly his points got me thinking about what small and midsized businesses can and should do to achieve a better understanding of their relationship to their banks.
Austin has five main points (their essence in bold below, followed by some of the things his thinking got me thinking about):
1. Know all of your financial rights, and how business rights differ from consumer rights: If your personal account gets tagged in an online scam, Federal regs require the bank to reimburse you, something not required for business accounts.
Find Out: Does your bank protect your business accounts from losses due to online fraud? If not, find out which of their competitors will protect you.
2. How up-to-date is your bank's security technology? What percentage of the institution's IT resources are devoted to proactive fraud monitoring systems? Does the bank go above and beyond the minimal requirements needed to hit compliance levels?
Find Out: Is your online bank minimally compliant with anti-fraud protection or does it manitain higher levels of alertness or monitoring?
3. Are you and your IT team doing everything you should to protect your side of the relationship? The nature of today's threat environment is such that you have to attend to daily anti-malware and firewall monitoring and maintenance. You can have the most secure and proactive online bank in the universe, and if someone's grabbed your business's identity, sign-ins, passwords or PINs, your business is in trouble.
Find Out:: Who's in charge of your business's online and communications security -- and how thorough and constant are they about making sure every device and connection involved in online banking is always fully updated, and every employee using those devices is well-grounded in online security habits and practices?
4. Do you monitor for unusual account activity? Does your bank? Unexpected, unusual or out-of-pattern bank transactions are about as red as red flags of fraud get. How closely do you or your employees monitor all business accounts? How promptly does your bank get in touch (or promise to) in the event of a potentially fraudulent transaction?
Find Out:: Does your bank offer transaction alerts or other services that notify you of unusual activity? Does your business take full advantage of these services?
5. How much do your business's financial managers know about online threats? Whoever is handling the day-to-day details and operations of your business's online banking needs to become at least conversant and at best expert in the nature of online threats. That's true if financial matters are a part-time responsibility for one of your office staff, or if your business is large enough to have full time bookkeeping, accountancy or CF0 staff.
Find Out: How much do your financial staff members know about online threats? How up-to-date is their knowledge? How close is the communication between financial staff and IT security staff (or vendors on both sides)?
On that last point, I'd actually recommend a conversation involving the financial staff, your business's IT security staff and a representative of the online bank you do business with.