Guide to Giving
Sponsored  |  Social Innovation

Avoiding Fraud in Online Banking

Tuesday, 16th May 2017 at 8:10 am
Online banking has become the norm, and most people would think of it as safe and secure, with low associated risks, but vigilance is still required, writes Kinh Luong, partner with chartered accounting group HLB Mann Judd.

Tuesday, 16th May 2017
at 8:10 am



Avoiding Fraud in Online Banking
Tuesday, 16th May 2017 at 8:10 am

Online banking has become the norm, and most people would think of it as safe and secure, with low associated risks, but vigilance is still required, writes Kinh Luong, partner with chartered accounting group HLB Mann Judd.

Banks and other financial institutions have done much to make online banking as safe as possible. Banks use encrypted webpages or purpose-built software, which abide by strict regulatory requirements. However, we have all heard horror stories associated with online banking, whether it be personal banking or a business processing a monthly trade payables payment run.

In many cases, it is human error that is at the root of any problems. For example, a payment to an incorrectly input account number can result in a painful and costly recovery exercise.

The human element involved when using online banking can compromise security simply through trust (for example shared passwords), inaction, or inadvertent errors.

At the heart of any online banking system, an authorised signatory gains access via an authentication process, typically a password or token key, or, for more sophisticated systems, a biometric characteristic such as a fingerprint.

These systems in themselves may be secure and reliable, but their use can be compromised in a number of ways. A password can be shared or hacked, a token key can be lost or taken without knowledge.

Vigilance is vital to protect these systems, but it’s not enough on its own. Fraud or error via online banking can occur even without these safety measures failing.

For example, many organisations use a Vendor Master File (“VMF”) which contains the key financial information used by their online banking system, to identify to whom funds are to be transferred. This uses BSB and account numbers, not account names.

The most common way fraud arises in online banking is where someone internally has deliberately altered the BSB and account number to their own bank account, but retained the account name to mask the fraud. Banks do not rely on or check account numbers.

Another scenario is that the VMF details are legitimately changed by the accounts personnel within the company, after being contacted by an external perpetrator who has managed to convince them of a change in bank details.

It’s a good idea to regularly check BSB and account numbers to ensure that they still match those provided by suppliers.

Other ways to improve your online banking system, that require little time or money, include:

  • Passwords – exposure to phishing scams, malware, or the sometimes necessary and one-off sharing of passwords, means this authentication safeguard may be compromised. Lower the risk by using sophisticated passwords and regularly updating these passwords.
  • Two factor identification – using two or more factors in the authorisation process, for example a password plus a token key or mobile verification, easily enhances security.
  • Segregation of duties – for businesses, implementing multiple accounting signatories ensures there is always sufficient personnel available to authorise payments, without the need to share and therefore compromise passwords.
  • Software – there is now software available such as EFTsure, which provides real time verification of the BSB and account numbers to an independently verified database at the critical payment authorisation phase.

HLB Mann Judd strongly encourages clients to review their online banking system, identify the weaknesses, make the necessary improvements and monitor these processes on an ongoing basis.

We also regularly conduct reviews of online banking systems and VMF which ultimately help protect our clients from fraud.

For more information on HLB Mann Judd click here.



We are a premium Event Production agency with over 16 years ...

Vanilla Bean Events

Star enables change within organisations specifically throug...

Star Business Solutions

Helping the helpers fund their mission…...

FrontStream Pty Ltd (FrontStream AsiaPacific)

Established in 1998, StreetFleet is a 100% Australian owned ...


More Suppliers

Get more stories like this



Walkley Foundation’s Storyology Festival – A Must Attend Event for NFPs


Wednesday, 16th August 2017 at 11:58 am

Collaborative Economy Drives Increased Mobility for People with Disability

Wendy Williams

Tuesday, 15th August 2017 at 8:11 am

Designing an Innovative Workplace For Social Impact

Elise Harper

Friday, 4th August 2017 at 2:44 pm

Big Data: An Orwellian Privacy Nightmare or a New Tool for Fundraisers?


Wednesday, 2nd August 2017 at 3:59 pm


Social Impact Investments Could Address Housing and Homelessness

Rachel McFadden

Tuesday, 8th August 2017 at 8:16 am

Govt Releases Social Impact Investment Principles

Lina Caneva

Wednesday, 9th August 2017 at 4:12 pm

Drastic Increase in Couchsurfing Amongst Older Women

Lina Caneva

Monday, 7th August 2017 at 11:56 am

Federal Govt Extends Advocacy Funding – States Called on to Follow Suit

Lina Caneva

Wednesday, 9th August 2017 at 4:02 pm

Write a Reply or Comment

Your email address will not be published. Required fields are marked *

pba inverse logo
Subscribe Twitter Facebook

The social sector's most essential news coverage. Delivered free to your inbox every Tuesday and Thursday morning.

You have Successfully Subscribed!