November 6, 2022

Hemo Nonprofit? Beware!

We had a real scare the week of Halloween… cyber thieves had raided our corporate bank account and were draining it. Luckily my bookkeeper and I noticed some odd and large withdrawals when reviewing the books, and we alerted our bank right away. It was a substantial amount for us—we are a small business—and yet we were not too worried. We had read that bank accounts were protected by the FDIC up to $250,000 and that we would be reimbursed our money. Right?

Boy, were we in for a shock.

The FDIC insures back account deposits up to $250,000 for private accounts. Not corporate. While we noticed about half the theft amount within 24 hours of it being withdraw, which the bank would return (because they could reverse the charges right away), the rest was not guaranteed. The bank assured us they were in their rights to not give us the stolen money.

Some research on-line confirmed it. The bank seemed to think we should have already known this as standard procedure. But I realized that if I thought we were insured, I bet many other business owners were also not informed of this. I began polling my local friendly businesses, and no one knew of this rule. Meaning, everyone was at risk of cyber thieves, who, as our bank told us, are getting more savvy and more bold.

GlobalSign cites a report Accenture and the Ponemon Institute that says the rate of breaches in the financial industry has tripled over the past five years. “The annual economic cost of cyber crime, as reported below, is now estimated at north of $1 trillion, a multiple of 2017’s record-year aggregate cost of approximately $300 billion from natural disasters.” And only 5% ever get caught.

I went to the local police to file a report, mostly as proof to the IRS, as I thought we would need to declare a loss. But fortunately, the bank’s fraud department reviewed our case and awarded us all the money back. I thought they would try to track down the thieves, but that would cost them more than was stolen, probably. I realized that their fraud department probably just wanted to ensure I was not the thief! I supposed that happens too.

So, I want to warn my small-business friends, and all our hemophilia nonprofits: please speak with your banks about protecting your assets from cybercrimes. If it can happen to me, it could happen to you. And I don’t want to ever have to deal with this again, if I can help it, and I don’t want you to either.

Call your bank this week!

HemaBlog Archives