The cost of cybercrime is higher than ever for organizations. Businesses affected by criminal hacking activity lose, on average, approximately $13 million, according to research by Accenture® and the Ponemon Institute®. Losses can be incurred in the form of damages caused by cyberattackers, the expense of remediation and recovery and the reputational harm that follows a data breach.
Business-banking fraud is particularly concerning. As more organizations rely on online banking to manage finances, they are at greater risk of the same types of internet schemes and fraud attempts that consumers have faced for years. The conveniences of online banking are difficult to pass up. ACH transfers, payroll processing, electronic statements, remote deposit, mobile banking and other types of online merchant services can greatly simplify financial management, and businesses should not necessarily avoid online banking out of fear. They can, however, guard themselves against banking fraud with a thoughtful, strategic and policy-driven approach to safe online banking.
Employ the principle of least privilege
The principle of least privilege is the practice of granting access only when it is absolutely necessary and only to the extent needed for certain work to be done. As convenient as it may seem to provide online banking access to all of the financial professionals or business partners within your organization, limiting those privileges is a critical security measure. The more widely disseminated online banking credentials become, the greater the risk is that they are lost, stolen or otherwise end up in the wrong hands. You likely would not disclose your bank account numbers unless it was absolutely necessary. Take a similar approach to online banking login information.
Leverage two-factor authentication
For anyone who does have access to online banking, make sure they use two-factor authentication. A second factor such as a text message sent to a smartphone could foil hackers attempting to access a checking or savings account using a stolen credential. That second layer can make all the difference. For businesses using mobile banking, it is important to create formal policies that require authorized users to set up password protection for their device, preferably with a biometric component such as a fingerprint or face scan. Businesses should also consider setting up authentication at different stages of account transactions - for example, requiring a PIN authorization for certain account transfers. Monitor daily ACH and other online activity and notify your bank immediately upon detection of suspicious activity.
Promote education and awareness
Employees - especially those granted access to sensitive financial materials - must be made aware of banking fraud risks. Phishing manipulates or tricks users into willingly handing over personal information such as Social Security numbers and online banking credentials. Teach personnel to avoid these schemes and stay safe by:
● Bookmarking the online banking homepage to avoid accidentally logging into "look-alike" sites that steal credentials.
● Never clicking on links or downloading file attachments from unknown senders.
● Contacting the bank directly if they receive emails claiming the account has been compromised or that they need to change their password.
● Verifying any email requests from higher-ups to transfer money through a second channel (in person, over the phone) just in case it is a fraudulent attempt via business email compromise.
● Never storing login credentials, bank account numbers, company credit card numbers or company debit card numbers on any devices.
● Never inputting company debit or credit card numbers into untrustworthy websites.
Create formal policies about these and other cybersecurity measures, and review them with employees frequently. Employees are often their own worst enemy when it comes to cybercrime, which makes proper awareness and education critical.
As the Leading Bank for Business, Comerica Bank goes to great lengths to ensure the safety and security of its online banking services. Contact an expert today to learn more about how we secure business banking accounts.