Last month, I attended my first fraud seminar EVER in my life. It just hadn’t been a part of my former professional worlds nor a topic I would seek out for excitement and adventure, [imagine that.] But, now that I work for Bremer Bank and was asked to attend, there I was, waiting for the presentations to begin while I fueled up on freshly brewed coffee and started drafting my holiday newsletter mailing list. Then it started, my introduction to phishing, malware, account takeovers and social engineering.
Per the Hacker’s Jargon Dictionary, Social Engineering is defined as “a term used among crackers and samurai for cracking techniques that rely on weaknesses in wetware rather than software; the aim is to trick people into revealing passwords and other information that compromises a system’s security.” I couldn’t believe how interesting I found these topics to be, so I started taking notes as we progressed through IT and Security Controls, Best Practices and the Payment Fraud Landscape.
Each time a speaker mentioned how this information affected the nonprofit sector, my notes increased in quantity. How could I be so naïve to think that fraud would be boring? Quite the opposite. I learned that nonprofits are prime targets for fraud, especially those that have smaller, less-sophisticated security systems. Nonprofits are businesses and should be run like a business.
That said, I ask you: What makes your organization vulnerable to fraud? Which business activities put your nonprofit at greatest risk? Where can assets be misappropriated? Where might corruption or financial statement risk exist? Each nonprofit should conduct a risk assessment to answer these questions. Consider the following preventative controls: providing employees with fraud awareness training, implementing policies and procedures, segregating duties, establishing passwords and physical safeguards to restrict unauthorized access and ensuring alignment of responsibilities, authority and incentives. Thank goodness for the FBI Cybercrime Agents, who are working very hard to combat fraud and corruption. Did you know that one in every four seconds, another malicious website appears on the internet and the hackers favorite targets include nonprofits and schools?
So, as you are doing the good work for your community, know that there are other forces out there doing their work and the two missions are not compatible. See for yourself at http://www.privacyrights.org/ and check out the data base. See also online.securityfocus.com/infocus/1527 and http://www.cisecurity.org/.
Managing risks associated with your financial services functions can be a daunting talk. Bremer Bank believes that we should partner with our nonprofit clients to help you effectively manage risk, whether it’s sharing best practices or offering products and service that best meet your risk management needs. We’re here to help you identify risks to your nonprofit and suggest when additional controls should be exercised. Your Nonprofit Bremer Team is always ready to discuss tips and Treasury Management products to help you mitigate financial risk. Call your Nonprofit Resource Specialist today to set up a 3-D meeting. Discuss-Discover-Design.
Thank you to LarsonAllen and Bremer Bank for the absolutely fascinating seminar. The morale of the story: don’t judge a fraud seminar by its topic. Now back to the holiday mailing list…..
Amy Wyant, NRS, Brainerd
No comments:
Post a Comment