By Jennifer Olson / Published February 2021
Banks are highly regulated by the state and federal institutions that govern them, and one of the criteria they are rated on is the safety and internet security they provide to protect customers’ financial information. Banks work hard to ensure their firewalls are strong, online banking is secure, and no information is available to anyone who is unauthorized to view or have that information. In the world of association banking, many of the weaknesses in the information system come from inadequate security on the bank customer’s side of the transaction. Some examples of possible breaches and ways to prevent them are as follows:
Part of this problem is that signers who have access to account information may change each year with the election of new board members. What is the solution? The association should monitor bank signature cards to make sure they are up to date and any non-board signers are removed from the signature cards. Signature cards should be checked and updated whenever there is change on the board roster (at least annually).
If online access has been set up for members of the board, the association must make sure that the access is removed by the bank if that person is no longer on the board. Each board member who needs to have online access should have a separate online sign-on and password. If the manager or management company has online access, please be sure to notify the bank and cancel access when management changes are made.
Please update authorities when board members or management changes.
Keep all banking passwords secure, and each individual who needs to have access should have his or her own sign-on and password, with access only for information that he or she needs to have.
Most banks that have online bill pay services do not provide adequate controls for the way an association would use this service. These bill pay services are more compatible with a single user accessing his personal account, which most of us are familiar with. If an association plans to use an online bill pay service, it is important to understand how the service will work—what kinds of controls and oversight will be available. There are some great bill pay services out there, many that are independent providers that may work with your bank and your management company. It is most important to do your homework to ensure you know what you are getting with these services.
Condominium associations are prohibited from using debit cards for the payment of association expenses. Homeowner associations are permitted to use debit cards for association expenses, but this is not a recommended practice. Never tie a debit card to the homeowner association’s main checking (operating) account. If you must use one, open a separate account with a small balance and tie it to that account. When receipts are brought in to reconcile the account, the account can be funded by a transfer from operating.
Establish an internet policy regarding employee internet usage and perform an annual risk assessment for all online accounts (management companies).
This computer should not be connected to your business network and should be used for online banking and cash management only. Do not store any passwords on this computer.
Block access to any unnecessary or high-risk websites that feature adult entertainment, online gaming, social networking, and non-business email. These sites can inject files into your network. By adopting these simple procedures, you can help ensure that your association’s bank accounts are secure.
Vice President, Association Banking Group for Centennial Bank
Jennifer Olson is a Vice President of Association Banking Group for Centennial Bank. Centennial Bank, the private bank for business, specializes in loans to all types of community associations—condominiums, co-ops, and HOAs. Loans are provided for repairs, capital improvements, insurance premium financing, and low closing costs. For more information, call (561) 236-3378 or email firstname.lastname@example.org. You can also visit www.my100bank.com/association-banking.