Fortify Your Defenses: Proven Fraud Prevention Best Practices From Our Clients
In today's fast-paced business environment, protecting your company's finances and data from fraud is more critical than ever. We have compiled a list of simple, high-impact fraud prevention best practices drawn directly from the experiences of companies of all sizes. These companies have successfully reduced their fraud risk, and we are proud to highlight the best of the best. These are achievable steps that business owners like you are taking to significantly reduce their vulnerability.
Key areas of prevention
Payment fraud protection
Implementing a robust system for managing payments is your first line of defense against check and electronic payment fraud.
- Implement Positive Pay: Utilize the bank’s Positive Pay service for both paper checks and electronic debits (ACH), including payee-name matching. This service automatically compares checks and ACH transactions presented for payment against an authorized list you provide, flagging unauthorized items for your review before funds leave your account.
- Move Beyond Paper Checks: Where possible, migrate away from paper checks entirely. Establishing ACH origination (direct payment) to pay vendors and employees is more secure, faster, and provides a clear audit trail, significantly reducing the risk of check fraud.
- If You Must Use Checks, Use Security Features: If paper checks are unavoidable, use high-quality check stock with advanced security features. Look for features such as chemical wash protection, toner adhesion, and watermarks that make photocopying or chemical alteration difficult or impossible. This differentiates your checks from inexpensive, easily copied stock, making them more difficult for criminals to negotiate. Another great alternative is to use the Bill Payment service available in online banking; check payments are sent out with more security, bypassing unmonitored outgoing mail locations and postal service drop boxes.
Monitor and alert setup (online and mobile)
A review by employees can miss transactions; automated alerts provide real-time defense.
- Set Up Real-Time Alerts: Use your bank's online or mobile channels to set up immediate alerts for key activities. This is one of the fastest ways to catch unauthorized activity. We recommend setting alerts for:
  - All large transactions (debits/withdrawals above a low threshold you set). Monitor all types of activity including ACH/electronic debits, wire payments, Bill Payments, transfers, and checks cleared.
  - Changes to security settings, such as a password reset, a change to your phone number/email on file, or a new device logging in.
  - Low balance warnings, to ensure you are aware before critical payments are rejected.
- Electronic Notifications: Carefully examine ALL notifications for ACH payments, bill payments, and wires submitted through online banking. These services send automatic notifications to specified users for activity, giving you the opportunity to address errors and fraud before they occur. Contact us to discuss security enhancements.
- Review Accounts Daily: Make it a strict policy to review your bank accounts and credit card statements daily for unusual or unauthorized activity. The faster you spot and report fraud, the higher the chance of recovery.
- Timely Reconciliation: Reconcile your bank accounts with your accounting records promptly each month.
Cybersecurity and employee training
The human element is often the most significant vulnerability. Training employees to be savvy about online security is essential.
- Crucial Security Warning: Please remind your entire team: We will NEVER ask for your full online banking login, mobile banking username or password, or debit card PIN. Any email, text, or phone call asking for this information is a fraud attempt.
- Train for Social Engineering: Criminals often use social engineering through emails (phishing), texts (smishing), and calls (vishing) to manipulate employees into leaking sensitive information. AI-powered social engineering attacks have evolved to craft flawless impersonations, collect vast amounts of information, and exploit human psychology like never before. When this sensitive information (like credentials or internal procedures) is compromised, the damage to your business can include:
  - Direct financial loss from unauthorized wire transfers or fraudulent payments.
  - Data breaches involving confidential customer information, employee PII (Personally Identifiable Information), and trade secrets.
  - Infection with malware or ransomware that can shut down operations, leading to costly downtime and recovery fees.
  - Reputational damage and loss of customer trust.
- Always Verify Payment Changes: NEVER rely solely on an email for changes to vendor or third-party payment instructions (bank account number, routing number, etc.). Criminals frequently compromise email accounts (Business Email Compromise or BEC) and send fraudulent change requests. Always call the third party at a trusted, previously known phone number (not one provided in the suspicious email) to verbally confirm any change to payment details before processing a transaction.
Additional high-impact best practices
In addition to the above, we highly recommend focusing on these two fundamental areas:
Separation of duties (internal controls)
Fraud is far less likely to occur—or is caught much sooner—when no single employee controls an entire financial process.
- Separate Functions: Ensure the person responsible for handling payments (writing checks, initiating wires) is not the same person who records transactions in the accounting system, nor the one who reconciles the bank statements.
- Dual Authorization: Require a second signature or digital approval for any large-dollar payment or for adding new vendors to your payment system.
We know you will be better protected with these best practices, but if you experience an attempted fraud, please contact us as soon as possible at (949) 732-4000 or (323) 556-6544 so that we may help you further secure your account.
Fraud prevention is an ongoing partnership. By taking these achievable steps, you significantly strengthen your company’s defenses against both external and internal threats. Please feel free to call us to discuss how we can help you implement these best practices.
For additional information regarding fraud and tips to help protect yourself and your business, visit our Resource Center on pbofca.com. If you have any questions or need assistance regarding online banking or any of our products and services, please email us at onlinebanking@pbofca.com.