Back before payment portals and email theft of your hard-earned customer payment, theft was limited to internal theft, or the then creative mail theft based “check washing.” For those of you too young to remember the practice of check washing that was rampant in the 1980s, it involved stolen checks (either out of mailboxes, post office, or mail drop boxes) and then erasing details from checks using various common household chemicals to “lift” the ink from the check. The “washer” then rewrites the payee and amount, cashes it, collecting cash and wreaking havoc on your bank account.
Fast forward to today’s cash flow environment with email, and surprise—criminals have evolved as well. Cybercrime. Malware, hacking, phishing, smishing and any other “-ishings” that are coming down the internet all present opportunities for your cash flow to get hijacked.
Low Tech, High Tech
Your cash flow is under fire. Most of you won’t even know until well after it happens. Many of you think, “It won’t happen to me” or “We aren’t big enough for a hacker to pay attention to.” Well, my friend, ignorance is the biggest champion of cyber criminals or any criminal activity.
If ignorance is bliss, some of you are downright giddy. Check washing is back, along with selling those hijacked checks on the dark web. Most businesses don’t realize how quickly those missing payments to your company can add up until the totals tally up in the six-figure range. A customer rolls past due and at some point, you reach out to your customer to find out where the payment is. Customer claims to have sent a payment long ago. As no check has arrived, you ask your customer to put a stop payment on the check and re-issue. The customer agrees only to call back a day later letting you know the check cleared the bank, so no reissue needed.
What? You don’t have the money. Now, the investigation is on. The amount of time and trouble it will take both companies working together to claw this money back is astounding. To be clear: when I say claw back, your customer will need to file a claim with their bank who will then start an investigation, at which time the bank will make a ruling for their accountability and if it is their responsibility. You can’t claim it on your insurance as you never had the check in your possession. Your customer still owes you the past due balance, but now you are stuck between coming down hard on your customer to replace the “stolen” payment or let the debt roll while the investigation rages on.
Cybercrime. Malware is a tricky beast. It can sit in your system undetected until someone on your team opens the wrong attachment and boom! Accounts payable and accounts receivable departments are prime targets. If your suppliers do not receive their payments from you or you don’t receive your incoming customer payments, this can cause cash flow chaos for your business.
What’s a Business to Do?
Make a change to reduce the vulnerability. Bare minimum, get a lockbox. Direct customers to send payments there. Lockboxes are a service provided by your bank to streamline the process. Checks go directly to your bank, are scanned, and money is deposited directly in your account.
The better solution? Implement a payment portal. Portals are a secure self-service platform where your customers can make their payments, eliminating the perils of using email and allowing the customer to be in control of their bank or credit card information. Since the customer is logging into the portal, there are little to no cybercrime opportunities to waylay your payments.
Take that portal process one step further with invoice authentications. Your customer gets an email notification they have an invoice available and can log into their account at their convenience. No chance for those attachments to become an attack on your system. Your vulnerability is reduced to a fraction of what it could be. “Merchants often perceive offline check payments as being “free.” When you factor in the delay of waiting on mail to arrive, the potential risk of lost checks, fraudulent payment or check washing, the costs far outweigh the minimal costs of secure, online payments,” says Ryan Ayers, co-founder of Suppli—an A/R and payment portal platform built exclusively for installed building product providers and construction material suppliers. “Look at the ads for any of your national competitors—they’re all spending billions on customer-facing tech to increase security and convenience. If you’re not online, you’re not competitive.”
If materials were stolen from your job sites or out of your yard, you would take precautions, wouldn’t you? So why the resistance to cautionary tales of damage to your cash flow? Cost, timing, fear, habit, silos, turf wars, lack of knowledge on the subject? Yes, yes, yes, yes, yes, yes, and yes! Change takes effort, a champion, accountability, coaching, and training. It forces growth.
In today’s business environment, you can stick with the old school motto of “That’s the way we have always done it” and leave yourself vulnerable, using hope as a business tool, or you can choose to take an active role in problem-solving and protecting your cash flow. Choose wisely.