{Governmental Client Training} June 20, 2016

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "{Governmental Client Training} June 20, 2016"

Transcription

1 {Governmental Client Training} June 20, 2016

2 2 Online Banking Controls & Fraud Considerations Dan Block, CPA Rumzei Abdallah, CPA

3 Agenda 3 Online Banking Considerations What happened? 7 Controls Commonly Identified for Online Banking Fraud Examination vs Audit Fraud Case Study Things to look for Q&A

4 Online Banking Considerations 4 What happened? The complexities of cybersecurity have increased and become inherent in almost every organization causing these need to address these risks of fraud. The extent to which online and electronic banking transactions are used significantly increases the exposure to inappropriate and unauthorized transactions.

5 Online Banking Considerations 5 Examples of Internal Control failures that have led to fraud An external hacker obtained the password information to the bank account of a small community organization and withdrew small amounts that would likely be under approval thresholds. Fraudulent checks were created and cashed in the name of a midsize company. An internal staff circumvented controls and approved wire transfers to a personal account to the tune of millions of dollars. So now what?

6 Controls Commonly Identified for Online Banking Security 6 1. Access security 2. Volume limits 3. Limited payees and transfers 4. Positive Pay 5. Bank Reconciliations 6. Notification 7. Activity Logging

7 Pop Quiz 7 What is heartbleed? a) A computer virus that causes your computer to randomly shut down without saving changes, also known as the blue screen of death. b) An virus that sends all of your passwords to hackers, which they can then use to log into your bank accounts and withdraw funds. c) A security bug mistakenly written into security encryption that makes it possible for hackers to extract data from massive databases containing user names, passwords and other sensitive information. d) A Taylor Swift song about her most recent break-up

8 Pop Quiz 8 What is heartbleed? Answer: c) A security bug mistakenly written into security encryption that makes it possible for hackers to extract data from massive databases containing user names, passwords and other sensitive information.

9 Pop Quiz 9 Who was impacted?

10 1. Access Security 10 Accounts, IDs, and passwords should uniquely identify each employee. Significant passwords help protect against unauthorized hacking access. Changing passwords regularly helps both with employees who may share a password at one point in time as well as fighting against passwords that are compromised.

11 1. Access Security 11 Multifactor Authentication (MFA) Multifactor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user's identity for a login or other transaction. SOMETHING YOU HAVE SOMETHING YOU KNOW LOGIN SUCCESS

12 2. Volume Limits 12 Limiting the amount of each transaction and the total transactions per day can protect against the potential loss if access is compromised. A logical limit would be to follow the tiered amounts typically prescribed in check signing policies.

13 3. Limited Payees and Transfers 13 Transfers: Written instructions with the financial institution should limit transfers to other accounts in the entity s name. Payees: Controls over adding payees should be commensurate with controls over adding vendors to AP software.

14 4. Positive Pay 14 Positive Pay was originally designed so that a company issuing checks would send a list of checks and the pertinent details (payee, amount, check number) to their bank. Then, when a check was presented on their account, the bank could confirm the details and thwart any bogus checks. Today, this service has expanded to include a variety of review points and options and remains an effective tool to mitigate fraud. The bank customer can have the option to review all unconfirmed checks presented online with defaults set to allow after 24 hours or deny. Positive Pay has been copied for ACH transactions and can be used in a similar fashion for electronic banking.

15 5. Bank Reconciliations 15 This may sound elementary, but MANY communities and businesses fail to include an online-only account in the same monthly reconciliation and closing processes as traditional bank accounts (i.e. a PayPal account).

16 6. Notification 16 Enforce a notification system that cannot be overridden by the person with the banking administrator login ID and password. For example, create an forwarding account that automatically notifies multiple employees (i.e. someone in accounting and someone in operations) whenever a payment is made or received.

17 7. Activity Logging 17 Many banks are providing access to activity logs for their online accounts. These can be used by management for routine reviews of employee activity. Additionally, internal and external auditors can develop data analysis techniques to comb these logs for unusual activity. Letting employees know that their activity is logged can provide a significant deterrent to fraudulent behavior. Electronic searches of the log files may confirm routine activities or expose anomalies worth investigating further.

18 Fraud Standards in an Audit 18 SAS 99 Misstatement arising from fraudulent financial reporting Misstatement arising from misappropriation of assets Fraud triangle Fraud Brainstorming Focus on direct and material impact on financial statements Valid A/R and revenue Adequate reserves for uncollectible accounts Adequate settlement estimates Risk for misappropriation due to: Lack of segregation of duties Lack of required approvals Inappropriate access/authorization to bank accounts Professional Skepticism

19 Audits v. Fraud Examinations 19

20 The Perfect Case Study Dixon, Illinois Population 15, Median household income - $38, Median house/condo value - $83, Total Primary Government Expenses of $15.6M

21 (Almost) Every Red Flag We Talked About 21 Long-term employee Started as in intern in high-school in 1970 Named Treasurer and Comptroller in 1983 Lack of internal controls Reconciled accounts Made deposits Requested funds Controlled the mail (PO Box) Embezzlement/index.php?cparticle=3&siarticle=2#artanc

22 Things to Look For Billing Schemes 22

23 Things to Look For Billing Schemes 23 Invoice Numbers Subtle changes Out of sequence Inconsistent Duplicate

24 Things to Look For Billing Schemes 24

25 Things to Look For Billing Schemes 25

26 Duplicates 26 Highlight your data Leave out employee at this point Go to conditional formatting Highlight Cells Rules Duplicate Values Click ok

27 Duplicates 27 All the duplicates will now be highlighted in the default color Sort your data by color

28 Duplicates 28 Manual Review More highlights = higher risk

29 Billing Out of Sequence 29 Invoice numbers out of sequence - (=IF(B4- B3>=0,"","OutSeq") 1) Sort the data by Invoice Number then Invoice Date B Invoice Invoice Invoice Invoice Invoice

30 Billing Out of Sequence 30 Invoice Invoice Invoice Out of Sequence Checks - (=IF(B4- B3>=0,"","OutSeq") 2) Insert a column next to the Invoice Date column. The column should be formatted as General 3) Start at the second row of data in your set. Insert the following formula: (=IF(B4-B3>=0,"","OutSeq") The B is replaced with whichever column the Invoice Date is in. The 4 and 3 is replaced with whichever rows are your second and first rows in your data set. 4) Highlight your new column and calculated formulas. Paste/Special values only so they don t change when you re-sort for any reason.

31 Plante & Moran, PLLC 31

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS $ ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS Boston Private Bank & Trust Company takes great care to safeguard the security of your Online Banking transactions. In addition to our robust security

More information

Application Intrusion Detection

Application Intrusion Detection Application Intrusion Detection Drew Miller Black Hat Consulting Application Intrusion Detection Introduction Mitigating Exposures Monitoring Exposures Response Times Proactive Risk Analysis Summary Introduction

More information

Fighting Fraud with Data Mining & Analysis

Fighting Fraud with Data Mining & Analysis Fighting Fraud with Data Mining & Analysis Leonard W. Vona December 2008 Fraud Auditing, Inc. Phone: 518-784-2250 www.fraudauditing.net E-mail: leonard@leonardvona.com Copyright 2008 Leonard Vona and Fraud

More information

Online Cash Management Security: Beyond the User Login

Online Cash Management Security: Beyond the User Login Online Cash Management Security: Beyond the User Login Sonya Crites, CTP, SunTrust Anita Stevenson-Patterson, CTP, Manheim February 28, 2008 Agenda Industry Trends Government Regulations Payment Fraud

More information

Detecting Fraud. Michelle McHale & Brian Camiller. Agenda. Fraud Risks. Tools available. Case Studies

Detecting Fraud. Michelle McHale & Brian Camiller. Agenda. Fraud Risks. Tools available. Case Studies Detecting Fraud Michelle McHale & Brian Camiller Agenda 2 Fraud Risks Tools available Case Studies Fraud Risks 3 SAS 99 Misstatement arising from fraudulent financial reporting Misstatement arising from

More information

THE ABC S OF DATA ANALYTICS

THE ABC S OF DATA ANALYTICS THE ABC S OF DATA ANALYTICS ANGEL BUTLER MAY 23, 2013 HOUSTON AREA SCHOOL DISTRICT INTERNAL AUDITORS (HASDIA) AGENDA Data Analytics Overview Data Analytics Examples Compliance Purchasing and Accounts Payable

More information

Personal Online Banking & Bill Pay. Guide to Getting Started

Personal Online Banking & Bill Pay. Guide to Getting Started Personal Online Banking & Bill Pay Guide to Getting Started What s Inside Contents Security at Vectra Bank... 4 Getting Started Online... 5 Welcome to Vectra Bank Online Banking. Whether you re at home,

More information

University of Nebraska - Lincoln Identity Theft Prevention Program

University of Nebraska - Lincoln Identity Theft Prevention Program I. Purpose & Scope This program was developed pursuant to the Federal Trade Commission s (FTC) Red Flag Rules promulgated pursuant to the Fair and Accurate Credit Transactions Act (the FACT Act). The University

More information

Chapter 7 Trustee. Internal Control Questionnaire

Chapter 7 Trustee. Internal Control Questionnaire Chapter 7 Trustee Instructions for the trustee: The purpose of the (ICQ) is to provide the United States Trustee with an understanding of the internal controls and financial record keeping and reporting

More information

Business Online. Quick Reference Guide

Business Online. Quick Reference Guide Business Online Quick Reference Guide . All rights reserved. This work is confidential and its use is strictly limited. Use is permitted only in accordance with the terms of the agreement under which it

More information

Basic ebusiness Banking User Guide

Basic ebusiness Banking User Guide Basic ebusiness Banking User Guide 1 Welcome: Welcome to Chemical Bank s ebusiness Banking system. With ebusiness Banking, you can access your accounts 24-hours a day, seven days a week; anywhere an Internet

More information

Fraud Detection and Prevention. Timothy P. Minahan Vice President Government Banking TD Bank

Fraud Detection and Prevention. Timothy P. Minahan Vice President Government Banking TD Bank Fraud Detection and Prevention Timothy P. Minahan Vice President Government Banking TD Bank Prevention vs. Detection Prevention controls are designed to keep fraud from occurring Detection controls are

More information

Detecting, Preventing, and Mitigating Identity Theft

Detecting, Preventing, and Mitigating Identity Theft THE RED FLAGS RULE Detecting, Preventing, and Mitigating Identity Theft Training for Ball State University s Identity Theft Protection Program What is the Red Flag Rule? Congress passed the Fair and Accurate

More information

Business ebanking Fraud Prevention Best Practices

Business ebanking Fraud Prevention Best Practices Business ebanking Fraud Prevention Best Practices User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters, numbers, and special

More information

Cathay Business Online Banking

Cathay Business Online Banking Cathay Business Online Banking A QUICK GUIDE TO CATHAY BUSINESS ONLINE BANKING R6119 CATHAY 8_5x11 Cover V2.indd 1 6/11/13 5:50 PM Welcome Welcome to Cathay Business Online Banking (formerly known as Cathay

More information

Managing the Risk of Employee Theft

Managing the Risk of Employee Theft This tool accompanies Lessons for Financial Success available at mgma.com/lessons. Lessons is a free, easy-to-use guide for office administrators and physicians who manage their own practices but may not

More information

Business Online Banking & Bill Pay Guide to Getting Started

Business Online Banking & Bill Pay Guide to Getting Started Business Online Banking & Bill Pay Guide to Getting Started What s Inside Contents Security at Vectra Bank... 4 Getting Started Online... 5 Welcome to Vectra Bank Business Online Banking. Whether you re

More information

Performance Audit City s Payment Process

Performance Audit City s Payment Process Performance Audit City s Payment Process January 2013 City Auditor s Office City of Kansas City, Missouri 18-2011 Office of the City Auditor 21 st Floor, City Hall 414 East 12 th Street (816) 513-3300

More information

CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY

CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY Policy Number: 2008-02 Date Adopted: October 27, 2008 Department: Administrative SUBJECT: IDENTITY THEFT PREVENTION PROGRAM I. OBJECTIVE: A. To protect

More information

BANKOH BUSINESS CONNECTIONS WIRE TRANSFER GUIDE

BANKOH BUSINESS CONNECTIONS WIRE TRANSFER GUIDE BANKOH BUSINESS CONNECTIONS WIRE TRANSFER GUIDE Revision 2/2013 1 of 35 Contents GENERAL INFORMATION... 3 Wire Transfers... 3 Types of Wires... 3 Wire Templates... 3 Bankoh Business Connections Wire Cut-off

More information

Reliance Bank Fraud Prevention Best Practices

Reliance Bank Fraud Prevention Best Practices Reliance Bank Fraud Prevention Best Practices May 2013 User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters and numbers.

More information

How do I contact someone if my question is not answered in this FAQ?

How do I contact someone if my question is not answered in this FAQ? Help Where may I find the answers to my Internet Banking questions? How do I contact someone if my question is not answered in this FAQ? Enrolling How do I enroll in Internet Banking? Logging In How do

More information

Chapter 5. Check Tampering

Chapter 5. Check Tampering Chapter 5 Check Tampering 1 Define check tampering. Learning Objectives Understand the five principal categories of check tampering. Detail the means by which employees fraudulently obtain company checks.

More information

THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS

THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS THE CHANGING FACE OF CYBERCRIME AND WHAT IT MEANS FOR BANKS David Glockner, Managing Director strozfriedberg.com Overview The big picture: what does cybercrime look like today and how is it evolving? What

More information

COOKING THE BOOKS WITH QUICKBOOKS

COOKING THE BOOKS WITH QUICKBOOKS COOKING THE BOOKS WITH QUICKBOOKS Summary of Presentation: QuickBooks is the number one small business accounting software. Without proper controls, it's also extremely easy to use to cover up misappropriation.

More information

BUSINESS NETTELLER ONLINE BANKING USER GUIDE

BUSINESS NETTELLER ONLINE BANKING USER GUIDE BUSINESS NETTELLER ONLINE BANKING USER GUIDE Revised 6.5.2013 TABLE OF CONTENTS Login Process...1 Cash Management User Login...2 Cash Management User Single Sign-on...3 Multi-Factor Authentication...4

More information

Chapter 3. Cash Larceny

Chapter 3. Cash Larceny Chapter 3 Cash Larceny 1 Pop Quiz What is the difference between larceny and skimming? 2 Learning Objectives Define cash larceny. Understand how cash receipts schemes differ from fraudulent disbursements.

More information

Best Practices Guide to Electronic Banking

Best Practices Guide to Electronic Banking Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have

More information

Target Security Breach

Target Security Breach Target Security Breach Lessons Learned for Retailers and Consumers 2014 Pointe Solutions, Inc. PO Box 41, Exton, PA 19341 USA +1 610 524 1230 Background In the aftermath of the Target breach that affected

More information

Red Flags Identity Theft Training Program. Fall 2015

Red Flags Identity Theft Training Program. Fall 2015 Red Flags Identity Theft Training Program Fall 2015 Background In 2003, U.S. Congress enacted the Fair and Accurate Credit Transactions Act of 2003 (FACTA). FACTA requires creditors to adopt policies and

More information

Bank Account Reconciliation, Bank Account Access and Automated Clearing House (ACH) Transactions Review

Bank Account Reconciliation, Bank Account Access and Automated Clearing House (ACH) Transactions Review Internal Audit Department 350 South 5th Street, Suite 302 Minneapolis, MN 55415-1316 (612) 673-2056 Audit Team on the Engagement: Kelcie Brady, Student Intern Jacob L. Claeys Lauren Heir, Student Intern

More information

Interagency Guidelines on Identity Theft Detection, Prevention, and Mitigation

Interagency Guidelines on Identity Theft Detection, Prevention, and Mitigation Guidelines to FTC Red Flag Rule(reformatted) Appendix A to Part 681 Interagency Guidelines on Identity Theft Detection, Prevention, and Mitigation Section 681.2 of this part requires each financial institution

More information

Fraud Detection and Prevention

Fraud Detection and Prevention Fraud Detection and Prevention Financial Management Advisory Council August 28, 2014 Sarah Mahugh, CPA, MBA Financial Audit Audit Manager Overview Fraud trends Fraud Risks and internal controls Case Studies

More information

Trust Safety Update. Central Alberta Bar Society Red Deer June 3, 2015

Trust Safety Update. Central Alberta Bar Society Red Deer June 3, 2015 Trust Safety Update Central Alberta Bar Society Red Deer June 3, 2015 Today s Presentation Fraud Schemes & Lawyer s Trust Accounts Risk Mitigation strategies Examples etransactions and Trust Accounts Trust

More information

Red Flag Rules and Aging Services: What You Need to Know

Red Flag Rules and Aging Services: What You Need to Know Red Flag Rules and Aging Services: What You Need to Know Late in 2007, six federal agencies, including the Federal Trade Commission ( FTC ), jointly issued final rules and accompanying guidelines to implement

More information

FAQ's. Introduction. Frequently asked questions about Epay Manager. For more information, please call 800.240.1824.

FAQ's. Introduction. Frequently asked questions about Epay Manager. For more information, please call 800.240.1824. FAQ's Frequently asked questions about Epay Manager. For more information, please call 800.240.1824. Introduction This document was created to help you answer a few of the more common questions about Epay

More information

3344-19-01 Identity theft prevention program and red flag compliance policy.

3344-19-01 Identity theft prevention program and red flag compliance policy. 3344-19-01 Identity theft prevention program and red flag compliance policy. (A) Program adoption Cleveland state university has developed this identity theft prevention program ( program ) pursuant to

More information

Need help? The Accounts Payable Help Documentation is designed to make your Accounts Payable experience as efficient as possible.

Need help? The Accounts Payable Help Documentation is designed to make your Accounts Payable experience as efficient as possible. Need help? The Accounts Payable Help Documentation is designed to make your Accounts Payable experience as efficient as possible. All you have to do to navigate through this document is simply use the

More information

Red Flag Rules Information and Training

Red Flag Rules Information and Training Red Flag Rules Information and Training What are Red Flag Rules? The Red Flag Rules: - Are enforced by the Federal Trade Commission (FTC), the federal bank regulatory agencies, and the National Credit

More information

Identity Theft Prevention Program

Identity Theft Prevention Program -- Sample Policy -- Identity Theft Prevention Program Purpose To establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in connection with the opening of

More information

Financial Transactions and Fraud Schemes

Financial Transactions and Fraud Schemes Financial Transactions and Fraud Schemes Asset Misappropriation: Fraudulent Disbursements Fraudulent Disbursement Schemes Register disbursement schemes Check tampering schemes Payroll schemes Billing schemes

More information

Your security is our priority

Your security is our priority Your security is our priority Welcome to our Cash Management newsletter for businesses. You will find valuable information about how to limit your company s risk for fraud. We offer a wide variety of products

More information

Is There Anyway to Prevent Fraud? Bill Gady, CGA CPA Partner

Is There Anyway to Prevent Fraud? Bill Gady, CGA CPA Partner Is There Anyway to Prevent Fraud? Bill Gady, CGA CPA Partner Learning Objectives: Understand how fraud can occur Learn procedures you can implement to prevent fraud Learn how to detect fraud Common Situations

More information

Wake Forest University. Identity Theft Prevention Program. Effective May 1, 2009

Wake Forest University. Identity Theft Prevention Program. Effective May 1, 2009 Wake Forest University Identity Theft Prevention Program Effective May 1, 2009 I. GENERAL It is the policy of Wake Forest University ( University ) to comply with the Federal Trade Commission's ( FTC )

More information

P-Card Fraud Controls. Introduction

P-Card Fraud Controls. Introduction Introduction According to 2013 Association of Financial Professionals (AFP) Payments Fraud and Survey, the second most targeted payment type for fraud was corporate/commercial purchasing cards. 29% of

More information

Business Online Banking Quick Users Guide

Business Online Banking Quick Users Guide Business Online Banking Quick Users Guide Business Online Banking Quick Users Guide Table of Contents Overview 2 First Time Login 2 Security 4 Contact Points 4 Registering your Browser / Computer 5 Adding,

More information

Identity Theft Prevention Program. Approved by the Arizona Board of Regents on May 1, 2009

Identity Theft Prevention Program. Approved by the Arizona Board of Regents on May 1, 2009 Identity Theft Prevention Program Approved by the Arizona Board of Regents on May 1, 2009 I. Purpose & Scope This Program was developed pursuant to the Federal Trade Commission s ( FTC ) Red Flag Rules

More information

FFIEC CONSUMER GUIDANCE

FFIEC CONSUMER GUIDANCE FFIEC CONSUMER GUIDANCE Important Facts About Your Account Authentication Online Banking & Multi-factor authentication and layered security are helping assure safe Internet transactions for banks and their

More information

Approved by the Audit Committee of the Board of Trustees, effective February 3, 2009.

Approved by the Audit Committee of the Board of Trustees, effective February 3, 2009. Red Flag Identity Theft Policy 1.) Policy and Program Rationale: Messiah College ( College ) has developed the Identity Theft Policy ( Policy) and Prevention Program ( Program ) pursuant to the Federal

More information

TITLE XVIII: IDENTITY THEFT PREVENTION PROGRAM

TITLE XVIII: IDENTITY THEFT PREVENTION PROGRAM River Bend Identity Theft Program 1 TITLE XVIII: IDENTITY THEFT PREVENTION PROGRAM Chapter 18.01. IDENTITY THEFT PREVENTION PROGRAM 2 Identity Theft Prevention Program SECTION Chapter 18.01: IDENTITY THEFT

More information

by: Scott Baranowski, CIA

by: Scott Baranowski, CIA Community Bank Auditors Group A/P, Procurement and Credit Card Internal Controls June 4, 2014 by: Scott Baranowski, CIA MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2013 Wolf

More information

FRAUD PREVENTION STRATEGIES FOR HEALTH CARE A FORENSIC ACCOUNTANT S PERSPECTIVE

FRAUD PREVENTION STRATEGIES FOR HEALTH CARE A FORENSIC ACCOUNTANT S PERSPECTIVE FRAUD PREVENTION STRATEGIES FOR HEALTH CARE A FORENSIC ACCOUNTANT S PERSPECTIVE CPAs & ADVISORS experience reach // S. Todd Burchett, CPA, ABV, ASA, CFF, CFE Partner tburchett@bkd.com 210.268.1932 AGENDA

More information

Generate Electronic Payments in Accounts Payable

Generate Electronic Payments in Accounts Payable Generate Electronic Payments in Accounts Payable IMPORTANT NOTICE This document and the Sage 300 Construction and Real Estate software may be used only in accordance with the Sage 300 Construction and

More information

University of Dayton Red Flag ID Theft Prevention Program

University of Dayton Red Flag ID Theft Prevention Program University of Dayton Red Flag ID Theft Prevention Program I. Program Adoption The University of Dayton developed this Identity Theft Prevention Program ("Program") pursuant to the Federal Trade Commission's

More information

Knowledge Base. Table of Contents. Customers How Do I?

Knowledge Base. Table of Contents. Customers How Do I? Knowledge Base Table of Contents Customers How Do I? Set up a Customer?...2 Record a payment received from a customer?...5 Allocate the customer s payment to an order?...6 Deposit the customers payments?...8

More information

FINANCE COMMITTEE PROCEDURES. Audit Process. Cash Handling

FINANCE COMMITTEE PROCEDURES. Audit Process. Cash Handling 1 FINANCE COMMITTEE PROCEDURES Audit Process 1. Internal audits are conducted once a year. 2. The bookkeeper will provide the following information: bank statements, prior year vouchers, and access to

More information

Internal Controls for Small Business Accounting

Internal Controls for Small Business Accounting Internal Controls for Small Business Accounting Dr. Robert H. Spencer, K2 Enterprises Administrative Controls Administrative controls are defined as those measures that control operations and transactions

More information

ACCG Identity Theft Prevention Program. ACCG 50 Hurt Plaza, Suite 1000 Atlanta, Georgia 30303 (404)522-5022 (404)525-2477 www.accg.

ACCG Identity Theft Prevention Program. ACCG 50 Hurt Plaza, Suite 1000 Atlanta, Georgia 30303 (404)522-5022 (404)525-2477 www.accg. ACCG Identity Theft Prevention Program ACCG 50 Hurt Plaza, Suite 1000 Atlanta, Georgia 30303 (404)522-5022 (404)525-2477 www.accg.org July 2009 Contents Summary of ACCG Identity Theft Prevention Program...

More information

Identity Theft Prevention Program Red Flag Rules Policy P093.00 Issued: May 2009

Identity Theft Prevention Program Red Flag Rules Policy P093.00 Issued: May 2009 Identity Theft Prevention Program Red Flag Rules Policy P093.00 Issued: May 2009 The Federal Trade Commission has issued a final rule (the Red Flag Rule) under the Fair and Accurate Credit Transactions

More information

University of Cincinnati FACTA Red Flag Identity Theft Prevention Program

University of Cincinnati FACTA Red Flag Identity Theft Prevention Program FACTA Red Flag Identity Theft Prevention Program FACTA Red Flag Policy Program, page 1 of 6 Contents Overview 3 Definition of Terms 3 Covered Accounts..3 List of Red Flags 3 Suspicious Documents...4 Suspicious

More information

Northeast Technology Center Board Policy 2110 Page 1 IDENTITY THEFT PREVENTION (MANY COVERED ACCOUNTS)

Northeast Technology Center Board Policy 2110 Page 1 IDENTITY THEFT PREVENTION (MANY COVERED ACCOUNTS) Page 1 IDENTITY THEFT PREVENTION (MANY COVERED ACCOUNTS) This Policy is adopted to ensure compliance with the Fair and Accurate Credit Transaction Act, 15 U.S.C. 1601 et seq. and the Federal Trade Commission

More information

Internal Control Deliverables. For. System Development Projects

Internal Control Deliverables. For. System Development Projects DIVISION OF AUDIT SERVICES Internal Control Deliverables For System Development Projects Table of Contents Introduction... 3 Process Flow... 3 Controls Objectives... 4 Environmental and General IT Controls...

More information

Contract and Procurement Fraud. Vendor Management

Contract and Procurement Fraud. Vendor Management Contract and Procurement Fraud Vendor Management Introduction Organizations must take steps to reduce vendor fraud, including: Conducting vendor due diligence Managing vendor risks via contracts Ensuring

More information

FTC FACT Act Red Flags Rule Template

FTC FACT Act Red Flags Rule Template FTC FACT Act Red Flags Rule Template Important: If you choose to use this template as a guide, you must adapt it to reflect your individual firm. Without the analysis and modification required to fit your

More information

Covered Areas: Those EVMS departments that have activities with Covered Accounts.

Covered Areas: Those EVMS departments that have activities with Covered Accounts. I. POLICY Eastern Virginia Medical School (EVMS) establishes the following identity theft program ( Program ) to detect, identify, and mitigate identity theft in its Covered Accounts in accordance with

More information

Community Ambulance Service District

Community Ambulance Service District STATUTORY AUDIT Community Ambulance Service District For the year ended June 30, 2014 Oklahoma State Auditor & Inspector Gary A. Jones, CPA, CFE This publication, issued by the Oklahoma State Auditor and

More information

Fraud: Real Stories, Real People, Real Impact

Fraud: Real Stories, Real People, Real Impact Fraud: Real Stories, Real People, Real Impact Chris Harper, CPA, MBA Senior Manager Types of Fraud Asset misappropriation Fraudulent financial reporting Identity theft Detection Skills The Fraud Triangle

More information

Number of Pages: 5 Number of Forms: 0 Saved As: X:/Policies & Procedures/13. JCAHO STD s (if applicable): N/A

Number of Pages: 5 Number of Forms: 0 Saved As: X:/Policies & Procedures/13. JCAHO STD s (if applicable): N/A 15.05 Identity Theft Prevention Program Policy: Identity Theft Prevention Program Effective Date: Manual: RFHC Clinical Policies and Procedures Revision Date: Number of Pages: 5 Number of Forms: 0 Saved

More information

Identity Theft Prevention Program

Identity Theft Prevention Program Identity Theft Prevention Program I. PROGRAM PURPOSE AND DEFINITIONS The purpose of this Identity Theft Prevention Program ( Program ) is to detect, prevent and mitigate identity theft in connection with

More information

Auditing Wire Transfers and ACH Transactions

Auditing Wire Transfers and ACH Transactions Auditing Wire Transfers and ACH Transactions Tuesday, June 18, 2013 10:15 AM 11:15 AM Presented by: John David McLeod, CPA, CISA, CITP Manager McNair, McLemore, Middlebrooks & Co., LLC 389 Mulberry St.,

More information

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015

By: Gerald Gagne. Community Bank Auditors Group Cybersecurity What you need to do now. June 9, 2015 Community Bank Auditors Group Cybersecurity What you need to do now June 9, 2015 By: Gerald Gagne MEMBER OF PKF NORTH AMERICA, AN ASSOCIATION OF LEGALLY INDEPENDENT FIRMS 2015 Wolf & Company, P.C. Cybersecurity

More information

A Performance Audit of the State s Purchasing Card Program

A Performance Audit of the State s Purchasing Card Program REPORT TO THE UTAH LEGISLATURE Number 2006-09 A Performance Audit of the State s Purchasing Card Program September 2006 Audit Performed By: Audit Manager Audit Supervisor Audit Staff Rick Coleman Susan

More information

STATE OF NEW YORK OFFICE OF THE STATE COMPTROLLER 110 STATE STREET ALBANY, NEW YORK 12236. February 25, 2011

STATE OF NEW YORK OFFICE OF THE STATE COMPTROLLER 110 STATE STREET ALBANY, NEW YORK 12236. February 25, 2011 THOMAS P. DiNAPOLI COMPTROLLER STATE OF NEW YORK OFFICE OF THE STATE COMPTROLLER 110 STATE STREET ALBANY, NEW YORK 12236 STEVEN J. HANCOX DEPUTY COMPTROLLER DIVISION OF LOCAL GOVERNMENT AND SCHOOL ACCOUNTABILITY

More information

A Business Signer who has the Manage Users feature assigned to them can create other users on the User Management page in DFCU OnLine.

A Business Signer who has the Manage Users feature assigned to them can create other users on the User Management page in DFCU OnLine. MANAGING USERS A Business Signer who has the Manage Users feature assigned to them can create other users on the User Management page in DFCU OnLine. To add a user and configure rights: 1. In the Menu,

More information

Online Banking Fraud Prevention Recommendations and Best Practices

Online Banking Fraud Prevention Recommendations and Best Practices Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee at Continental National Bank of Miami needs to know

More information

This Agreement shall be governed by and construed in accordance with the laws of the State of Wyoming.

This Agreement shall be governed by and construed in accordance with the laws of the State of Wyoming. Online Agreement: Online Banking Agreement. By submitting this form, you agree that you have read and agree to all terms herein. If you would like to talk with us about your enrollment, please call 307-732-BOJH

More information

CHAPTER 101: IDENTITY THEFT PREVENTION PROGRAM

CHAPTER 101: IDENTITY THEFT PREVENTION PROGRAM CHAPTER 101: IDENTITY THEFT PREVENTION PROGRAM Section 101.01 Purpose 101.02 Definitions 101.03 Program established 101.04 Administration of program 101.05 Identification of relevant red flags 101.06 Detection

More information

Business Internet Banking / Cash Management Fraud Prevention Best Practices

Business Internet Banking / Cash Management Fraud Prevention Best Practices Business Internet Banking / Cash Management Fraud Prevention Best Practices This document provides fraud prevention best practices that can be used as a training tool to educate new Users within your organization

More information

Internal Control Risks Associated with Information Technology. Kevin M. Bronner, Ph.D.

Internal Control Risks Associated with Information Technology. Kevin M. Bronner, Ph.D. Internal Control Risks Associated with Information Technology By Kevin M. Bronner, Ph.D. Introduction: The Risk of Information Technology Fraud The information technology (IT) function is important to

More information

Sound Business Practices for Businesses to Mitigate Corporate Account Takeover

Sound Business Practices for Businesses to Mitigate Corporate Account Takeover Sound Business Practices for Businesses to Mitigate Corporate Account Takeover This white paper provides sound business practices for companies to implement to safeguard against Corporate Account Takeover.

More information

[Utility Name] Identity Theft Prevention Program. Effective beginning, 2008

[Utility Name] Identity Theft Prevention Program. Effective beginning, 2008 [Utility Name] Identity Theft Prevention Program Effective beginning, 2008 I. PROGRAM ADOPTION The [Utility Name] ("Utility") developed this Identity Theft Prevention Program ("Program") pursuant to the

More information

Identification of Red Flags, Detecting Red Flags, and Preventing and Mitigating Identity Theft

Identification of Red Flags, Detecting Red Flags, and Preventing and Mitigating Identity Theft George Mason University Identity Theft Prevention Program - Procedures Revised September 30, 2012 Identification of, ing, and Preventing and Mitigating Identity Theft IDENTIFICATION OF COVERED ACCOUNT

More information

White Paper. The E-Sign Act. Use and enforceability of identifiers, passwords and personal identification numbers as signatures

White Paper. The E-Sign Act. Use and enforceability of identifiers, passwords and personal identification numbers as signatures White Paper The E-Sign Act Use and enforceability of identifiers, passwords and personal identification numbers as signatures 1 Table of Contents Introduction 2 The Audit Confirmation Process 2 The Confirm

More information

California State University, Chico. Identity Theft Prevention Red Flags Program

California State University, Chico. Identity Theft Prevention Red Flags Program Identity Theft Prevention Red Flags Program Version 1.0 November 16, 2010 REVIEW/APPROVAL HISTORY Document Title: Author: Brooke F. Banks, Information Security Officer Date By Action Pages 10/30/2009 Bill

More information

Legal Lunch with Laura. Laura L. Rubenstein, Esq. Offit Kurman, P.A

Legal Lunch with Laura. Laura L. Rubenstein, Esq. Offit Kurman, P.A Legal Lunch with Laura a Laura L. Rubenstein, Esq. Offit Kurman, P.A. 410.209.6433 lrubenstein@offitkurman.com 2015 Lunch Dates Webinars will be scheduled once a quarter on the third Tuesday of March,

More information

HUNTINGTON BUSINESS SECURITY SUITE USER GUIDE

HUNTINGTON BUSINESS SECURITY SUITE USER GUIDE HUNTINGTON BUSINESS SECURITY SUITE USER GUIDE CONTENTS WELCOME 3 SECTION 1: GETTING STARTED LOGGING IN 5 SECTION 2: ACH POSITIVE PAY OVERVIEW 7 FILTERS 8 MANAGING EXCEPTIONS 11 WAREHOUSE 14 APPROVALS 15

More information

University Identity Theft and Detection Program (NEW) All Campuses and All Service Providers Subject to the Red Flags Rule

University Identity Theft and Detection Program (NEW) All Campuses and All Service Providers Subject to the Red Flags Rule NUMBER: BUSF 4.12 SECTION: SUBJECT: Finance and Planning University Identity Theft and Detection Program (NEW) DATE: March 3, 2011 Policy for: Procedure for: Authorized by: Issued by: All Campuses and

More information

Internal Controls, Fraud Detection and ERP

Internal Controls, Fraud Detection and ERP Internal Controls, Fraud Detection and ERP Recently the SEC adopted Section 404 of the Sarbanes Oxley Act. This law requires each annual report of a company to contain 1. A statement of management's responsibility

More information

FIRST HOPE BANK BUSINESS ONLINE BANKING DIRECT CONNECT WITH QUICKBOOKS

FIRST HOPE BANK BUSINESS ONLINE BANKING DIRECT CONNECT WITH QUICKBOOKS FIRST HOPE BANK BUSINESS ONLINE BANKING DIRECT CONNECT WITH QUICKBOOKS Turning Hope Into Reality 2 Contents Set Up: Configuring Quickbooks for Online Services... 4 Set Up: Adding Bill Payments to an Existing

More information

AGA Kansas City Chapter Data Analytics & Continuous Monitoring

AGA Kansas City Chapter Data Analytics & Continuous Monitoring AGA Kansas City Chapter Data Analytics & Continuous Monitoring Agenda Market Overview & Drivers for Change Key challenges that organizations face Data Analytics What is data analytics and how can it help

More information

Broker Registration Guide for TrustFunds Authentication A- B- C Registration Steps 1-2- 3-4

Broker Registration Guide for TrustFunds Authentication A- B- C Registration Steps 1-2- 3-4 Broker Registration Guide for TrustFunds Authentication A- B- C Registration Steps 1-2- 3-4 Broker Authentication 1. From the TrustFunds website homepage, click Get Started Now to begin your Authentication

More information

Here are two informational brochures that disclose ways that we protect your accounts and tips you can use to be safer online.

Here are two informational brochures that disclose ways that we protect your accounts and tips you can use to be safer online. Here are two informational brochures that disclose ways that we protect your accounts and tips you can use to be safer online. FFIEC BUSINESS ACCOUNT GUIDANCE New financial standards will assist credit

More information

www.cathaybank.com Cathay Business Online Banking Quick Guide

www.cathaybank.com Cathay Business Online Banking Quick Guide www.cathaybank.com Cathay Business Online Banking Quick Guide Effective 06/2016 Disclaimer: The information and materials in these pages, including text, graphics, links, or other items are provided as

More information

SAS 70 Questionnaire

SAS 70 Questionnaire 227 Oil Well Road Telephone: (731) 427-8571 Jackson, TN 38305 Fax: (731) 424-5701 Members of: American Institute of Certified Public Accountants Governmental Audit Quality Center AICPA Tennessee Society

More information

ACHieve Access 4.3 User Guide for Corporate Customers

ACHieve Access 4.3 User Guide for Corporate Customers ACHieve Access 4.3 User Guide for Corporate Customers January 2015 Citizens Bank 1 February 2015 Table of Contents SECTION 1: OVERVIEW... 4 Chapter 1: Introduction... 5 How to Use This Manual... 5 Overview

More information

Central Oregon Community College. Identity Theft Prevention Program

Central Oregon Community College. Identity Theft Prevention Program Central Oregon Community College Identity Theft Prevention Program Effective beginning May 1, 2009 I. PROGRAM ADOPTION This program has been created to put COCC in compliance with Section 41.90 under the

More information

Administrative Procedure 5800 Prevention of Identity Theft in Student Financial Transactions

Administrative Procedure 5800 Prevention of Identity Theft in Student Financial Transactions Reference: Fair and Accurate Credit Transactions Act, ( Pub. L. 108-159) The purpose of the Identity Theft Prevention Program (ITPP) is to control reasonably foreseeable risks to students from identity

More information

QuickBooks Credit Card Merchant Service May 18, 2015 revised

QuickBooks Credit Card Merchant Service May 18, 2015 revised May 18, 2015 revised Security Awareness link http://bblearn.missouri.edu Other resources: Signup for Swipe Reader Guidelines for Credit Card Swipe Reader What is the Merchant Service? The Merchant Service

More information

City of Caro Identity Theft Prevention Policy

City of Caro Identity Theft Prevention Policy City of Caro Identity Theft Prevention Policy Purpose The purpose of this policy is to establish an Identity Theft Prevention Program designed to detect, prevent and mitigate identity theft in connection

More information

Keep Your Business Banking

Keep Your Business Banking Keep Your Business Banking Safe in the Digital Age By Erin Fonté As a business executive, you have many choices in conducting banking activities, including online and mobile banking options. But with increasing

More information