Standard wire verification templates can mitigate losses

Fraudulent electronic transfers continue to plague the banking industry. As criminals become more creative in how they target your customers, it becomes increasingly important for your staff to follow standard verification and documentation procedures. Implementing standard procedures is a best practice, and they should be followed for all transfers in an effort to prevent or mitigate fraud. In this article, we present a template of one possible wire transfer verification form to use at your bank.
I. Basic Wire Information
The purpose of the first section of a wire transfer verification form is to capture the basic information necessary to consider the request. Most of the information gathered here is simply for administrative purposes. Comprehensive forms require the bank employee to gather information such as the name of the customer/business requesting the transfer, the dollar amount of the wire, the account number and type of account. The first section of a wire verification form also helps your employees determine the type of wire, the level of the account relationship with the customer and the appropriate fee for the wire.

II. Call Back and Verification Procedure Requirements
The call back and verification procedure section is critical and it should spell out the necessary steps to verify the legitimacy of the wire. Here you should list the forms of identification/documentation you deem to be acceptable. Provide a space for your employee(s) to sign-off after they have reviewed and verified the documentation.

Typically, in order to provide clarity as to the specific verification steps required, this section of the wire transfer verification form is organized into logical categories based either on the dollar amount of the wire, or the method in which the transfer request was received.

For instance, many banks begin by segmenting this section by the dollar amount of the transfer, such as: $5,000 or less; $5,000 up to $25,000; $25,000 or more. Other forms structure this section based on how the instruction was received: in-person, phone, fax, email, and/or written correspondence. You may also consider organizing this section based on recurring and non-recurring transfers.

Naturally, the required verification procedures should correspond to the associated risk of the request. A $50,000 wire transfer should be scrutinized more closely than a $5,000 transfer, and an email request should be reviewed in more detail than an in-person request. At a minimum, even for low risk transfers, it is prudent to pull and verify signature cards, review and store any written correspondence including copies of emails, fax cover sheets, envelopes and any other documents provided, and verify phone numbers, email addresses, names, social security numbers and other personal security information.

We strongly recommend confirming that a written funds transfer agreement is in place with your customer. Many insurance policies require a written funds transfer agreement between a bank and its customer as a condition precedent to coverage. The written funds transfer agreement authorizes the bank to rely on email, voice and fax instructions to transfer funds. Ideally, it should contain an instruction verification mechanism, other than signature comparison, agreed to by the bank and its customer. It is typically required for both retail and commercial customers. Designate a spot in your agreement for an employee sign-off after the agreement is reviewed.

As you consider what categories make sense for your institution, you should evaluate the relevant parts of your financial institution bond to ensure your security steps satisfy the policy language. For example, if you segment your form based on the dollar amount of the wire, make sure that you understand the callback requirements in the computer coverage part. Some bonds require a call back on any wire over the policy deductible; others set the threshold at a specific amount such as $25,000.

III. High Risk Wires
Many banks further segment their call back and verification procedures or create an entirely separate section for high risk wires. “High risk” varies from one bank to another, but generally includes international transfers, requests made by new customers, and phone/email instructions from unknown numbers/addresses.

Out-of-pattern requests should be considered high risk by all banks.

  • Does the account have a history of wire transfers?
  • Is the dollar amount in question unusually high?
  • Is a small, locally owned business requesting a large wire to a destination that seems unusual?

Many of the well-documented stories of large wire losses involve atypical or out-of-pattern requests. Consider designating a special area within the high risk section of your form to draw attention to these transactions.

You should also designate all transfer requests made by elderly customers as high risk. Unfortunately, the elderly are more prone to fall victim to fraud, and instances of financial abuse against those 65 and older are increasing.

Your verification form should outline specific steps for bank employees to take when a wire is high risk. In addition to the standard verification steps taken for all transfers, require your employees to obtain a driver’s license number, or have the customer detail the most recent transactions made on their account, or provide the last four digits of their ATM/Debit Card. Some banks take this even further by requiring the account holder to appear in person for all high risk transfers.

IV. Approval Authority
The final section of a good verification form should summarize the request (dollar amount and how the instruction was received), confirm all necessary security steps were completed, outline the level of approval authority by position, and require the employee(s) to sign the form. Only then should a transaction be completed.

Any discussion relating to policy language and/or coverage requirements is non-exhaustive and provided for informational purposes only. For details on coverage provided by your specific policy, please refer to your policy.