Fraud is growing and becoming more difficult to detect. Not matter how big or small your company is, you are at risk of becoming a victim of fraud.

Luckily, with the right internal procedures, you can protect against it.

Dual custody is one of the most effective deterrents against all types of fraud.

It requires two users on separate devices to initiate and approve payments or administrative changes.

Here’s an example of how dual custody might function:

Kayla and David both work in accounts payable at ABC Corporation.

Only Kayla can initiate payments and administrative changes, and only David can approve them.  Neither has access to both initiating andpayment functions.

Let’s suppose Kayla receives an urgent email from the CEO of ABC Corporation requesting an urgent wire transfer to a client account. He includes the wire transfer details of the client in the email.

Kayla, not wanting to disappoint her CEO, uses the information in the email to quickly initiate the transfer.

Despite her good intentions, Kayla missed a key step in dual custody—she failed to verifybefore initiatingpayment.

Luckily, dual custodyprovides double protection against fraud—it gives users a second chance to spot fraud before it occurs.

When David is notified of the pending payment, he follows the correct process.

When he calls to verify the request, he discovers that the wire transfer request was fraudulent. The request was made by an imposter posing as the CEO.

David does not approve the payment and as a result, he successfully protects the ABC Corporation from fraud.

This is just one way dual custody might be implemented. It can be used across different transaction types including foreign exchange, ACH, and wire transfers; and administrative tasks, like changing user passwords and authorizing new users.

If your company doesn’t already use dual custody, implement it as soon as possible. Not only is it one of the best fraud deterrents, it’s also free and easy to use.

Remember, for dual custody to work, verify before initiating and before approving. Users should initiate and approve on separate devices.

Don’t forget to notify vendors about your internal procedures. They’re more likely to be understanding of any inconvenience if they know it’s for their benefit.