.png)
Every business faces considerable exposure to cybercrime. One such crime is funds transfer
fraud (FTF). FTF is often perpetuated through business email compromise (BEC) and email-
based phishing. In these types of attacks, criminals convince employees who have access to
company funds to transfer money into a bank account controlled by the attacker. Companies
can end up losing large amounts of money that’s very difficult to recover once lost.
To address and mitigate the risk of FTF and minimize financial damage if it does happen,
cyber insurance is crucial. However, your insurance premia and coverage can vary
depending on whether you have funds transfer controls in place.
A dual control process is an effective funds transfer control. It means that no single user
can both create and transmit a wire transfer. A second user reviews and validates the
transaction before it is submitted. It thus helps reduce the risk of FTF and also decreases
errors. It can also ensure backup availability so the company can process transactions even
if one or more users are unavailable.
Another FTF prevention control is two-step funds transfer verification. This involves
confirming the source and validity of every fund transfer request before confirming it and
initiating the transfer.
A third critical control is to test the company’s network and systems for vulnerabilities.
Vulnerabilities are security gaps that open the door to cyberattackers, phishers, and BEC
fraudsters. Vulnerability scans and other types of tests (e.g., penetration tests) enable
organizations to find these gaps and take steps to strengthen their cybersecurity systems
and prevent FTF.
Finally, making some payments through the Automated Clearing House (ACH) system
can also reduce the possibility of FTF. It can take a few days to complete a transaction so
fraudulent transfers can be reversed to minimize the impact of a FTF.
As part of the underwriting process, cyber insurance providers analyze organizations’
cybersecurity posture before finalizing insurance terms and coverage. They will also assess
what funds transfer controls are in place.
Their analyses will guide their pricing strategy. They may also ask for supplementary
application forms specifically addressing funds transfer controls to manage limits and set any
subjectivities related to remediation requirements. If the information provided fails to
convince them of the company’s suitability as a client, they may decline to offer a quote.
On the other hand, strong funds transfer controls can lower an organization’s insurance
premia and garner better terms that can protect the business from FTF.
Conclusion
Your business should get comprehensive cyber insurance coverage to protect against FTF.
But for this, you need strong funds transfer controls. If you don’t have them yet, there’s no
better time to start than now.
If you are looking for a cyber insurance policy for your organization but don’t know how to
make the best choice, check out the Telivy platform. Click here for a free demo.
