The FFIEC says banks should never rely on any single control for authorizing high-risk transactions. The higher the risk with a given transaction, the more controls that should be put in place. In general, customer transactions are less risky than commercial ones, the FFIEC notes.
According to NACHA, banks should monitor consumer and commercial accounts on a daily, weekly, monthly and quarterly basis for unusual activity, while also ensuring that security procedures and tools are kept up to date. Procedures should be in place for how to handle transactions that seem out of the ordinary. Banks should also be tracking failed attempts to log on to an account, NACHA says. For commercial accounts, the association also recommends establishing file and exposure limits, as well as processing schedules, for originating customers.
Jonathan Camhi has been an associate editor with Bank Systems & Technology since 2012. He previously worked as a freelance journalist in New York City covering politics, health and immigration, and has a master's degree from the City University of New York's Graduate School ... View Full Bio