Chances are you’ll face more security threats this year. Are you ready?  Whenever the economy slumps, more would-be fraudsters are minted. Part of it is that people are desperate for money and get tempted by the apparent ease with which they can steal.

Others take advantage of everyone else’s fear, and use seemingly legit offers to con people — and companies — out of their money.

There are signs it’s already happening. The SEC has pursued 88% more enforcement actions related to securities fraud this year than it did in 2006. And the FBI recently said it expects its fraud investigations to increase from 38 cases last year to hundreds in the next year or two.

Internal solutions to internal and external threats

No matter how unlikely it seems that Betty in the next cube could be embezzling, or that a fake vendor could get its invoices approved and paid, it’s smart to take preventative steps now.

Your best bet is a two-prong plan to ensure that:

• no one inside the company has the ability to commit fraud, and
• if anyone from outside attempts financial shenanigans, that you’ll be able to catch it right away before any damage is done.

Start by doing an internal review of procedures to find any weak spots and shore them up first. And if you were debating any changes to procedure that might tighten controls, start implementing them. (Upper management isn’t going to grumble about changes or time lost if you can explain how this will help save money long-term.)

Once Accounting has done its part, there’s still one more step: Explaining the changes to other departments. If they aren’t on board, your controls won’t be fully effective.

Granted, you don’t want to give away too much detail — otherwise, you could actually make some types of internal fraud easier. But there are  a few key things you’ll want to communicate to employees:

• Controls have been made even stronger, and their compliance with new procedures is expected
• A way for them to report any suspicious activity they see so it can be investigated, and
• A list of fraud prevention red flags so they know what to look for when dealing with people outside the company.

Are you worried about more fraud attempts this year? What are you doing to shore up your procedures? Share your ideas in the comments.

The Service is reporting a series of new phishing attempts. The sophisticated messages use IRS’ own logo and graphics and appear to come from a legitimate .gov e-mail address.

The messages highlight year-end financial/accounting procedures and ask you to confirm or submit account numbers and other financial info.

Remember: IRS never e-mails taxpayers directly regarding individual account or tax information.

If you get one of these messages, IRS asks that you forward it to phishing@irs.gov so they can investigate it.

Whether your company’s bank is one of the big nationals or a small regional one, the financial crisis they face is bad news for your Accounting processes. You can’t open a newspaper without hearing about another bank laying off workers and watching its stock price drop another 5%. That bad news isn’t limited to those directly impacted. All the changes banks and related finance companies are going through right now will have a real effect on how you interact with your own bank.

Smart Money identified three trouble areas you’ll want to keep an eye on — and ways to make sure you can minimize their disruption in Accounting:

1. Increased fees – Banks are hurting and to make up lost revenue, you can expect them to add new fees and hike existing ones. Worse, because several foundering banks — large and small — have been bought up by those that remain, there’s less competition for your business. So if you do face onerous hikes your company will have less leverage to negotiate a better deal with either your current bank or another. Action step: Review procedures to see if any small changes can help you minimize the effect of higher fees. One example: Eliminating a check run a month by switching to direct deposit for employee reimbursements.
2. More scam attempts – Disgruntled ex-employees, cash-strapped workers and plain-old-fashioned desperate con artists are likely to increase their attempts to part your company and its hard-earned money. Most banks are reporting an increase in the number of cases of phishing attempts. There are also reports that more confidential account info has leaked. Action step: Most scams can be prevented with procedures you already have in place. More than ever, it’s time to be vigilant. Make sure any relevant staffers (in or out of Accounting) know the red flags — and how to handle them.
3. Reduced security — Having laid off staff and outsourced some important functions like IT, bank security isn’t at its strongest right now. Action step: There’s not much you can do to clean up your bank’s procedures. But you can be extra careful when reviewing account statements. Reconcile statements at the first chance you get. If the worst happens and you are a victim of fraud, getting an early jump on it is the best way to ensure you not only nip it in the bud, but also get your money back.

That may not seem like a huge number, but that doesn’t include the many other scams, check fraud attempts and other schemes that criminals may attempt.

To make sure your company isn’t among the companies hit in the next year, your best bet is a good defense. Take some time to sit down with IT and other stakeholders in your company to discuss ways that your sensitive financial data could be vulnerable to threats internal and external.

These days, any smartphone, portable music player or keychain-sized USB drive can “slurp” data off your company’s computer. You’ll need policies and other protections in place to make sure you can cut would-be crooks off at the pass.

Web surveillance at work is increasingly common. In fact, 66% of companies said they monitor usage in a recent American Management Association survey.  They’re primarily interested in inappropriate surfing — visiting porn, gaming and social networking sites.

But companies are also getting much more careful about allowing certain portable devices into the office. Cell phones, portable USBs, even iPods and similar devices can be used to suck information from company computers. That’s bad news in any department, but in Accounting, it can be particularly costly.

Best bet: If your company doesn’t already have a policy, push upper management to put one in place. Even if you lack the resources to check employees’ computer access as thoroughly as you might like, having an enforceable policy will:

1. Force employees to think twice before abusing their privileges, and 
2. Allow you to react appropriately if anyone does misuse company info.

Most of the cons are targeted at individual taxpayers, but two have companies squarely in their sights. Watch out if one of these messages lands in your in-box:

1. Company report scams — An e-mail that looks like it was sent from an IRS.gov address. It’ll also mention you (or a colleague) by name as well as your company name, which can make it look legitmate. The message asks you to download a “company report.” If you do, you’ll also be downloading malware that could hijack your computer.
2. Tax court scams — This e-mail appears to have been sent from the U.S. Tax Court. It’ll have an attached document which it claims is related to a court case between your company and IRS. If you download the document, you’ll be opening the door to viruses and other malware.

It’s worth reminding the rest of your Accounting colleagues, IRS generally won’t contact you by e-mail. If you get a suspicisous message that appears to be from IRS, forward it to phising@irs.gov  that helps the Service track and find these would-be scammers.

On March 20, 2008, Colorado state legislature and the governor signed off on a bill which allows companies to pay employees via paycards as long as two requirements are met:

1. Employees are provided access to the entire amount of their paycheck at least one per pay period, and
2. Employees can choose to use other means (paper checks or direct deposit) to receive their wages.

What’s in it for companies? Paycards eliminate time spent cutting paper checks and dramatically reduce the risk of fraud. They’re just as secure — and cheap — as going with direct deposit, but they can have a much higher enrollment rate. The cards are immediately loaded with an employee’s wages on payday, but employees don’t need to have a checking account to receive their money. It’s a win for both parties: Payroll gets the security boost and time-savings it needs, and employees get their money as quickly as possible.

If your company’s in Colorado and you think paycards might be the next great thing for Payroll, you’ll want to make a note: Although the legislature was signed and passed by the governor, you’ll still need to wait until (at least) August 6, 2008 before the act is put into effect. Luckily, that gives you just enough time to research vendors and set a system up.