Let’s face it, money is always going to be an attractive target for thieves, scammers and those willing to bribe and be bribed. Therefore, take time periodically to ask a few questions about the way money comes in, goes out and is routed, controlled and secured for your enterprise.
Every company takes in revenue and spends money to support the business. Every nonprofit enterprise also has to handle money – to buy supplies and pay staff, to take contributions and grants. Reviewing rules, responsibilities and costs is prudent risk management.
What do we mean by “payments?”
Payments include all the different ways that money can move between two entities, whether businesses or people, or one of each. Generally, payments include cash, checks, credit cards, debit cards, wire transfers and the automated clearinghouse (ACH). There are also various cyber- or cryptocurrencies not currently in wide use despite the press coverage. As a business manager, your payment goals include making it easy for customers to pay, to easily send and track outgoing payments and to keep costs and risks low.
I want to distinguish these from the device used to make a payment. For example, payment transactions initiated from a mobile phone might follow a credit card, debit card or other path.
Who do I call when something goes wrong?
Your business might have a single provider for all your payment needs, most likely a bank or payment processor. As the market and options have become more diversified, so too have the number and types of providers. Thus, an organization with physical locations, such as doctors’ offices or retail shops, as well as online retail or wholesale operations might end up having multiple service providers for different parts of the business. With each vendor, trace the entire path that money can follow and specify who will find and fix a problem at each step.
Who absorbs the costs of something going wrong, whether it’s broken technology, misrouted transactions, fraud or theft?
Don’t assume that your business is protected against the cost of things gone wrong. Those rules about protections for credit card and debit card are consumer protections and a business that accepts credit cards is not the consumer.
Those purchase cards or travel cards that you issued to key employees to help them pay for business purchases are not covered either, because your business is not the consumer. And since October 2016, the risk for point of sale card transactions using magnetic stripes, rather than the newer chip card readers, is absorbed by the merchant. Chip card transaction losses flow to the merchant’s bank. Checks screened or converted to e-check transactions – which are really ACH debits – at the point of sale might also earn better indemnity protection or lower processing fees than unscreened checks.
As with all other business arrangements, read the contract carefully to make sure you are comfortable with all its provisions and ask lots of questions. Call your business insurance company and see what kind of coverage you can get there.
Do online transactions require or fall under cyber-risk coverage? How much will these payments cost?
Costs vary depending on where and how the money moves. Costs generally include equipment, ongoing service and per-item charges, and a business’ needs for each depends on physical location, method of communication and type of payment.
Cost differences do not necessarily reflect risk. Fees for credit and debit cards at physical locations, for example, are frequently lower than for payments accepted online or over the telephone. For point of sale transactions, chip cards provide more security than jotting down a phone number during a telephone call, while enabling an operator to screen the card number in real time incurs a service fee but may pay for itself by reducing risk of bad payments. Similarly, taking chip cards at the point of sale is more secure than magnetic stripe cards and so fees are lower, but you have to install or upgrade your card readers and software, which won’t likely be free.
Business-to-business payments such as wire transfers can carry significant fees, but bring advantages. Business-to-business and business-to-consumer payments made via the ACH can be quite inexpensive. These payments include e-checks and direct deposit for payroll or reimbursements. Some types of B2B payments can be made cost-efficiently via purchase cards or “cardless” card transactions.
When is the money finally mine or the other party’s?
This question really encompasses two topics: first, when will the money from today’s sales show up in the business’s bank account and, on the flip side, when will the money being paid out actually move from my business’ account to the supplier-side business? Second, when will I know that the money is really mine and can’t be reclaimed?
Consumer protections for credit cards enable chargebacks for fraudulent transactions. Checks can bounce and ACH debits, including e-checks, can be returned as well. Wire transfers, on the other hand, are final and cannot bounce or be reclaimed once your bank releases the instructions or receives the payment. Wire fees are much higher than for other transactions, but if you are buying or selling a business, a building, substantial property, insist on a wire transfer.
Which payments are best for my enterprise?
You know the answer: It depends. And, probably more than one type. It’s likely worth exploring your options.
Michele Braun directs the Institute for Managing Risk at Manhattanville School of Business and is managing executive of The Crossway Group LLC, a consulting and professional training firm. She can be reached at email@example.com or at firstname.lastname@example.org.