300 likes | 502 Views
Cash Management Best Practices. Presented to Mississippi Association of School Business Officials. Presented By: Kerrie D. Duvernay February 9, 2010. 0. Goal for today’s session Bank Accounts Strong Security Awareness On Line Banking Wires ACH – Receiving of Debits and Credits
E N D
Cash Management Best Practices Presented to Mississippi Association of School Business Officials Presented By: Kerrie D. Duvernay February 9, 2010 0
Goal for today’s session Bank Accounts Strong Security Awareness On Line Banking Wires ACH – Receiving of Debits and Credits ACH – Origination Disaster Recovery Wrap Up Questions Agenda 1
To provide ideas for consideration when setting up policies and procedures for managing day to day operations of funds held in financial institutions. Safety & Security of Funds / Information Protection from internal and external theft Roadmap for Office Manuals & Establishing Policy Create Efficiencies, not busy work Reviewed and modified annually Auditors “Sometimes the most elementary practice can prevent a loss.” Goal for Discussion of Best Practices 2
Keep Check Stock in secure, locked location Keep Bank Account and other sensitive information locked up overnight or when not in use. Insure documents with sensitive information are properly disposed of (shred) Reconciliation of Accounts Timely, within 30 days of statement cut off date Person Reconciling account should not have access to check stock or signing authority on account. Required signature(s) should be verified on cancelled checks Endorsements should be reviewed Bank Accounts 3
Dual Signatures Required on Checks – “False Security” Responsibility of account holder to review Bank only reviews if check amount falls outside certain parameters Use Positive Pay Service offered by Banks Remit issue file to bank Bank compares issues against clearings nightly Account holder reviews exceptions and makes decision to pay or return Assists in reconciliation Bank Accounts 4
Passwords Use cryptic passwords that can’t be easily guessed (No pet names, favorite teams, children, dates, etc.) Do not write down passwords Be cautious when using the internet Phishing - Watch for sites you are not familiar with that ask for personally identifiable information. Practice Safe E-Mailing If you do not know where the e-mail is from, delete it, especially is asked to click on a link Reputable banks and other companies will NEVER ask you to verify your ID, Password or other information Strong Security Awareness
Secure your area before leaving Do not leave anything with sensitive information on your desk Shut down, lock, log off or put your computer to sleep before leaving it unattended, even if for a few minutes Make sure password is required at start up or wake up This should not be an option to the user and should be turned on/required by IT administrator. Strong Security Awareness
Do not install unknown or unsolicited programs on your computer Lockdown administrative access to the computer to your systems administrator Access level required to install programs on individual computers should be restricted to system technicians Do not put any media into your computer from unknown sources Many devices will have a virus Strong Security Awareness
Make sure your system is protected with Antivirus software, all security patches and updates. Will protect against most major threats; Virus, spyware, malware, etc. Protect your data! Make sure backups of your information is properly protected Repetition – make sure everyone is reminded that information security is everyone’s responsibility! Strong Security Awareness
Understand Security of system & how it works Intelligent authentication, tokens, etc. Use the most stringent password controls available Use maximum length of characters available Use Alpha/Numeric/Special combinations if available Change passwords every 30 days Do not use obvious options for passwords Do not write down passwords and keep at work station Strategically assign administrator(s) of system Administrator has full rights to everything enrolled for If possible, have administrator’s sole responsibility to assign controls of individual users Set up users with dual control whenever funds are moved outside of the bank. (ACH & Wire) On Line Banking 9
Use the system daily! Review previous and current day activity Print reports for staff, management, etc. Utilize other features available: Initiate Stops Initiate Transfers View cancelled checks Export Data On Line Banking
Review current agreement with Bank, verify: How are you set up to remit wires (on-line, phone, fax) Who is authorized? Make sure authorized individuals are kept up to date, including pin numbers What limits are assigned, global and per person Verification process; call back, e-mail Wires
Review ACH debits daily! Un-authorized transactions must be returned within 24 hours Review on line or ask bank about alternative notification method ACH Debit Block / Full or Partial Difficult to use . . . Remember some checks are converted to ACH debits at point of sale or through accounts receivable conversion ACH – Receipt of Debits & Credits
UPIC (Universal Payment Identification Code) Option to safely receive credits Give unique routing number and “pseudo” account number for others to credit bank account via ACH network. ACH debits not allowed using UPIC; automatically returned. ACH – Receipt of Debits & Credits
Know Bank and Federal Holiday schedules Implement dual controls when submitting files to bank; one person create batch and another approve to be released Check status after delivery to insure it was received and processed Verify submission with some sort of validation from bank (change in status, e-mail, etc.) ACH - Origination
Develop procedure (internal controls) for sign off of originated files Sign off should occur by individual without access to systems and should include: Internal accounting/payroll system, with detail Bank’s on-line system, with detail Verification from Bank Responsible for understanding the rules and regulations established by NACHA and Federal Reserve. This holds true for originating transactions or receiving ACH transactions. ACH - Origination
Have detailed plan; make sure consideration is given to short and long term absence from office Consider how financial transactions will occur. Who can do what and how? (Monitor accounts, transfer funds, disburse checks, collect funds, make deposits, pay employees) Communicate alternative phone numbers and addresses to Bank ahead of time if evacuating Know bank’s disaster recovery plan and any potential impact to conducting business Disaster Recovery
Set up a global e-mail address with multiple recipients whenever using e-mail as delivery channel for receipt of information Notify the Bank immediately if suspicious activity/fraud has occurred; every minute counts Use dual control whenever possible Use account officer and cash management representative as a consultant Use products and services available where it makes sense. Should be an integral part of your day to day operations. Wrap Up
Perpetrators will continue to evolve as technology advances Make the time NOW to review your policies and procedures and make necessary changes Spend the time and money to implement services that create efficiencies and protect funds Remember, it requires a lot of time and effort to do the research and implement new procedures when fraudulent activity occurs; not to mention the actual loss! Wrap Up
Your Hancock Bank Team Cash ManagementInstitutional Line of Business Kerrie D. Duvernay Sandy Rogers Vice President Vice President Department Manager Relationship Manager (504) 832-2953 (228) 563-5707 (228) 563-7970 (228) 669-1876 kerrie_duvernay@hancockbank.comsandy_rogers@hancockbank.com Cash Management Sandy Gruich Vice President MS Sales Representative (228) 563-5686 (228) 697-0695 A dedicated team will not only help you manage today’s goals but help you anticipate and overcome tomorrow’s challenges. 20