Many business banking customers who experience online banking fraud and other types of fraud are likely to switch banks, according to a survey released Tuesday.
According to a survey of 533 employees at small and midsize companies in the U.S., 40% of businesses that experienced fraud moved some or all their business banking accounts elsewhere. Eleven percent of these businesses terminated their banking relationship entirely, while 29% moved their primary account to another bank.
"When a business gets hit by fraud or attempted fraud, they are likely to use that as a watershed event to decide whether to stay with their bank," said Terry Austin, president and CEO of Los Altos, Calif.-based online fraud prevention company Guardian Analytics Inc., which commissioned the survey by the Ponemon Institute LLC.
More than half (55%) of those surveyed in the 2010 Business Banking Trust Study reported experiencing a fraud attack in the past year; 58% of the attacks were online.
Federal officials issued alerts last year about a surge in attacks on online business banking accounts belonging to small and midsize companies. The FBI estimated the losses from ACH fraud scams against SMBs at approximately $100 million.
According to the survey, in 80% of fraud cases, banks failed to detect fraudulent activity prior to a transaction, and in 87% of cases, banks couldn't fully recover the stolen money. Fifty-seven percent of survey respondents said they were not fully compensated for their losses.
Sixty-seven percent of those surveyed said their bank is ultimately responsible for protecting their accounts, but only 30% said their bank has strong security.
"There's a lot of opportunity for banks to do a better job," Austin said.
One step banks can take is to improve communication with their business banking customers about their security policies, he said. Twenty-four percent of those surveyed said their banks don't explain their policy for protecting business accounts from fraud.
Hillary Machinery Inc. is in the process of moving its accounts to another bank after being victimized by online banking fraud late last year, said Troy Owen, vice president of sales and marketing at the small, 20-employee company in Plano, Texas. After the cyberattack, Hillary Machinery was sued by its former bank, Dallas-based PlainsCapital, in a highly unusual case that was initially reported by journalist Brian Krebs on his blog.
Last month, the company countersued PlainsCapital over the cyberheist, in which criminals stole about $800,000 from one of Hillary Machinery's commercial accounts; the bank recovered almost $600,000.
"We're a fairly healthy company. It didn't kill us," Owen said of the fraud loss. "But it forced us to put off some hiring plans."
Security was the top consideration in looking for a new bank, he said. "We learned the hard way what questions to ask," he added.
Most small businesses are unaware that consumer online banking protections don't apply to business banking accounts, Owen said. "They think when you put your money in a bank, it'll be secure."