Unfortunately, it seems like we hear major retailers report breaches of their customer’s private data almost weekly. But businesses themselves are also subject to identity theft, and unfortunately, they are more apt to not discover the theft until much later in the game, after significant damage has been done.
Businesses identities can be stolen in various ways. Often, bank account information is accessed through cyber attacks, and then purchases are made or money withdrawn. Sometimes, thieves will make such a big splash that the theft is immediately noticed, but many thieves are more gradual, and purchases or withdrawals are made over a period of time, often going unnoticed.
Thieves may also obtain identifying information with which to open new accounts that are unknown to the company. Detection may not occur until the business experiences a credit problem or receives a communication regarding an account of which it has no knowledge. Again, this can go on for an extended period of time.
Businesses must be vigilant to prevent such thefts. Protecting business records and information is one means of protecting your business. There are two main ways information falls into the hands of thieves: 1) electronically and 2) via paper. Proper security on company computer networks is essential to preventing cyber attacks. Software with a proven track record should be purchased, or an information technology consultant should be hired to provide such a service.
With paper, it can be as simple as preventing “dumpster diving.” This means making sure that your paper waste is disposed of in a way that prohibits sensitive information from being accessed after it leaves the business premises. Use of shredders or a shredding service is the easiest way to accomplish this task.
While prevention is the first line of defense, detection is the second (and early detection is critical). Businesses should regularly access their credit profiles with Dun & Bradstreet, Equifax, Experian, or TransUnion to determine if there has been any activity not authorized. Bookkeeping should be kept up to date, particularly accounts payable.
Similarly, the state office (typically the secretary of state) which registers businesses should be contacted to verify that the information they have on file is correct. In some cases, a thief will make changes to business registration information in order to pose as an authorized representative of the company and steal from its accounts, access lines of credit, or establish completely new accounts. You can reduce the likelihood that this will happen to your business by regularly verifying that the proper information is on file.
Focusing on these “paperwork” parts of business can be the least enjoyable for business owners and sometimes end up not getting done. If that’s the case for you, contact us to schedule a LIFT Audit of your legal, insurance, financial and tax systems so we can identify any holes, and devise a plan with you to fill them.
This article is a service of Jill Gregory, Creative Business Lawyer®. Make an appointment today to discuss any questions you have about business identity theft, or schedule a LIFT Start-Up Session™ or LIFT Foundation Audit™.