Ever had your credit card company call to authorize your recent purchase of two business-class airline tickets to an exotic destination – even though you weren’t planning a trip? If so, you know firsthand the stress, anxiety and alarm that hit when you realize that fraud has come for you. A host of questions immediately follow. Will I have to pay for these tickets? Are there other instances of fraud that I don’t know about yet? Are more fraudulent transactions being executed right now? And many more.
Your clients will have the same response if they find that their businesses have been exposed to fraud through your financial operations services — such as their payment platforms, for example. If the billing solution you use to support client payments is compromised, it can lead to hundreds of fraudulent payments, each of which might be for thousands of dollars. Not only is it stressful for clients, but it can also cause unnecessary work at the firm level to resolve the issues.
When sophisticated fraudsters meet unprepared billing solutions...
Unfortunately, this scenario is more widespread than you might imagine. Why? Because fraudulent actors are becoming more savvy and are well prepared to exploit weaknesses in accounts payable (AP) solutions that offer a polished front-end user experience but are unprepared to guard against fraud on the back end.
It's easy enough for firms and clients to determine if an AP solution’s front-end user experience meets their expectations and requirements. But, with an array of tools at their disposal, how can they confidently determine whether the solution has the infrastructure and capabilities they need to defend against sophisticated fraudsters?
Knowing how to identify a solution with deep security infrastructure your clients can trust is critical
You’re probably already familiar with basic anti-fraud features such as 2-factor authentication, automatic logouts after inactivity and strong password policies — all important and all just scratching the surface of what’s required today. When choosing secure financial operations solutions to serve clients, you need to make sure the solution is backed by a sophisticated anti-fraud infrastructure, not just a handful of basic security features. Here’s what to look for:
- Multi-layered security. AP platforms should include several layers of technology designed to combat payment fraud, network security breaches and unauthorized account access to protect sensitive customer data.
- AICPA SOC 1 and SOC 2 compliance. Adherence to standards is an important marker of the depth of the provider’s commitment to advanced security and anti-fraud measures.
- No third-party issuers. Look for solution providers that handle payment processing in-house, allowing firms and customers to mask their banking information while also giving them more control over payments and superior visibility into payment status.
- Secure data centers. The solution provider should use secure data centers with full redundancy in more than one physical location to provide backup protection against malicious attacks.
- Advanced data breach safeguards. Customer data at rest should be protected by encryption tools. During transfer, the data should receive bank-level protection from Transport Layer Security (TLS).
- Enhanced security for check payments. AP solution providers should send checks through a clearing account, so client account information remains hidden. They should also apply the kind of advanced payment protections that banks typically charge for, such as the Positive Pay fraud-prevention service.
“Good enough” isn’t good enough
When it comes to safeguarding your clients’ data to protect them from fraud, the gold standard is the only standard. After all, these solutions work with some of the most sensitive information your clients have – and your relationship and reputation depend on your ability to help protect it.
BILL has set that standard for security with a thoughtful, comprehensive anti-fraud infrastructure that your firm and clients can trust. For more on BILL’s security features, please visit this page at BILL.com. And to learn more about what to look for in these and other financial operations solutions, visit this page at CPA.com.
About the author
Kimberly K. Blascoe, CPA, leads CPA.com’s CAS 2.0 practice transformation programs, focusing on helping firms establish and grow optimized CAS practices through consulting, practice development and training offerings. Prior to joining CPA.com, Kim spent more than 30 years in public accounting, which included leading the CAS practice for a Top 20 firm.