Open Forum

Expand all | Collapse all

#Accounting - Fraud

  • 1.  #Accounting - Fraud

    Posted Jan 14, 2020 05:14 PM

    I wanted to get some information from the group on how your organization handle fraud when receiving banking information from vendors?

    For example, do you ask vendors to fill out a "direct deposit form?"  If so, how do you receive that information and what steps do your organization take to protect from fraud?

    Thanks and looking for to your replies.


    Karen Kellibrew
    Administrative and Accounting Assistant
    American Society of Health-System Pharmacists
    Bethesda MD
    Academy - Online Interactive Learning from Experts

  • 2.  RE: #Accounting - Fraud

    Posted Jan 14, 2020 07:23 PM
    Hi Karen,
    In addition to having a standard form we ask vendors to provide us with, we also have a policy of always verbally confirming the info over the phone. Our bank (JPMorgan) is pretty insistent on that practice.


    Mary Palmer
    Director of Reporting
    Motion Picture Association, Inc.
    Sherman Oaks CA

    Academy - Online Interactive Learning from Experts

  • 3.  RE: #Accounting - Fraud

    Posted Jan 15, 2020 08:56 AM
    Hi Karen,
    Here is what I have discussed with our Finance Department.

    We have a form or we would take the information via email.  Once we get that, someone from Finance would call to verbally confirm the numbers with the phone number we have on record.  If they leave a voicemail, when the person calls them back, I instructed our people to tell them they will hang up and call them right back.  We want to verify not only that we have the right account numbers, but we are talking to the right person.  Technology these days allow people to spoof Caller ID.

    Here is a possible scenario that we are considering and have steps in place to mitigate:
    Customer gets breached.  So Hacker can read Customer A email.  Hacker sends email with bogus account numbers to Finance.  Finance receives email, and calls to verbally confirm, leaves voicemail.  Customer has a modern phone system where voicemails are delivered to the user's inbox.  Hacker gets voicemail, deletes it from the inbox, and calls Finance to confirm numbers as Customer.  We would have a problem.

    So to mitigate, we would have Finance tell the caller we are going to call them back and does so with our number on file to confirm we are talking to the company and not someone spoofing the Caller ID.

    Just another layer of protection we can add that takes an extra moment.

    Dave Magalen
    IT Manager
    Aurora Plastics
    Streetsboro, OH

    Academy - Online Interactive Learning from Experts

  • 4.  RE: #Accounting - Fraud

    Posted Jan 15, 2020 09:23 AM
    No matter what kind of written information request form you have, each and every time you send money electronically, you should call and verbally confirm that the information is still accurate.  Never confirm via email.  Always call your known contact.  We still verbally confirm ACH debit and wire instructions verbally for each and every transmission with vendors we have used for 20 years.

    Laura Susko
    Director, Tax & Accounting
    Levy Family Partners

    Academy - Online Interactive Learning from Experts

If you've found this thread useful, dive deeper into User Group community content by role