- Monitor accounts frequently (daily as a best practice). Immediately review Wire, ACH or other transaction confirmations.
- Implement dual controls and approval for ACH and Wire transfers so that dual approval is required before the transaction is initiated at the Originating Depository Financial Institution (ODFI).
- Never share user IDs, passwords, PIN numbers, dynamic tokens, etc. with anyone. Do not leave them in an area that is not locked/secured.
- Do not use the same login or password on any other website or software.
- Obtain and install antivirus, anti-malware and anti-spyware software, and consider installation of a firewall (and make sure it is active and automatically updated by the vendor, or take necessary steps to keep it updated).
- Limit or eliminate unnecessary web-surfing and/or e-mail activity by employees, including personal activity, on computers used for online banking.
- Consider a dedicated computer for online banking that is never used for e-mail or general internet browsing/surfing (cost of computer vs. loss).
- Educate all company/entity personnel on good cyber security practices, clearing the Internet browser’s cache before and after visiting the Financial Institution’s website, to avoid having malware installed on a computer.
»» e.g., if a media player needs to be updated, go to the official media player website to install the update. Clicking on a fake update installation link could just mask a hacker downloading malware onto the computer. - Verify use of a secure session. (“https://” and not “http://”)
- Avoid saving passwords to a computer.
- Never leave a computer unattended when using any online banking service, and always lock your computer when away.
- Never access the Financial Institution’s website for online banking (or any privileged or sensitive computer system) from a public computer at a hotel/motel, library, coffee house or other public wireless access point.
- Be suspicious of any employment position that requires use of a personal account for business purposes. Such offers for employment as a mystery shopper, payment processor, etc., where you are required to use your personal account for someone else’s business purposes, are not legitimate.
»» No legitimate business will attempt to move business funds through anyone’s personal account, and you should educate yourself on these issues.
»» If you are approached to participate in such schemes, immediately contact local law enforcement, the FBI or the Secret Service to let them know
What are some of the best practices for business banking online? Print
Modified on: Wed, 4 Dec, 2019 at 7:12 AM
Did you find it helpful? Yes No
Send feedbackSorry we couldn't be helpful. Help us improve this article with your feedback.