Design principles
- Segregation of duties: separate “create” from “approve.”
- Least privilege: users get only what they need.
- Defense in depth: approvals + limits + alerts + verification.
Controls to implement (bank-neutral)

| Control | Applies to | What good looks like |
|---|---|---|
| Dual approval | ACH & wires | Two approvers above a threshold; backup approver documented. |
| User role limits | ACH & wires | Per-user and per-batch limits aligned to job role. |
| Out-of-band verification | Vendor changes | Call-back to known number for any bank detail changes. |
| Real-time alerts | All | Alerts for new beneficiaries, edits, approvals, and releases. |
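
The following Python is an added example, not code from this page or from any bank's platform, showing how the four controls in the table and the three design principles above combine into one policy check: creator and approver must differ, role limits cap what a user can create or approve, requests at or above a threshold need two distinct approvers, vendor bank-detail changes require a call-back to the number already on file, and alerts are emitted whatever the outcome. Every role name, limit, threshold and request id is a constructed sample value, not a recommendation.

```python
"""Added example (not from the page): a policy check modelling the controls above.
All thresholds, role limits and identifiers are constructed sample values."""
from dataclasses import dataclass

# Constructed sample policy: dual-approval threshold and per-role limits.
DUAL_APPROVAL_THRESHOLD = 10_000.00
ROLE_LIMITS = {
    # role: (per-transaction limit, per-batch limit)
    "ap_clerk": (5_000.00, 25_000.00),
    "ap_manager": (50_000.00, 250_000.00),
    "controller": (250_000.00, 1_000_000.00),
}


@dataclass
class PaymentRequest:
    request_id: str
    kind: str                  # "ach" or "wire"
    amount: float
    batch_total: float         # total of the batch this payment belongs to
    creator: str
    creator_role: str
    approvers: tuple           # (user_id, role) pairs who approved
    beneficiary_is_new: bool = False


def evaluate_payment(req):
    """Return (released, findings, alerts). Any finding blocks release."""
    findings, alerts = [], []
    approver_ids = [uid for uid, _ in req.approvers]

    # Segregation of duties: "create" and "approve" are never the same person.
    if req.creator in approver_ids:
        findings.append("creator cannot approve own request")

    # Least privilege: the creator's role caps per-transaction and per-batch amounts.
    per_txn, per_batch = ROLE_LIMITS.get(req.creator_role, (0.0, 0.0))
    if req.amount > per_txn:
        findings.append(f"amount {req.amount:.2f} exceeds {req.creator_role} limit {per_txn:.2f}")
    if req.batch_total > per_batch:
        findings.append(f"batch {req.batch_total:.2f} exceeds {req.creator_role} batch limit {per_batch:.2f}")

    # Dual approval: two distinct approvers at or above the threshold.
    needed = 2 if req.amount >= DUAL_APPROVAL_THRESHOLD else 1
    distinct = len(set(approver_ids))
    if distinct < needed:
        findings.append(f"needs {needed} distinct approver(s), got {distinct}")

    # Each approver's own role limit must also cover the amount.
    for uid, role in req.approvers:
        limit = ROLE_LIMITS.get(role, (0.0, 0.0))[0]
        if req.amount > limit:
            findings.append(f"approver {uid} ({role}) limit {limit:.2f} below amount")

    # Defense in depth: alerts fire for new beneficiaries and every release decision.
    if req.beneficiary_is_new:
        alerts.append(f"new beneficiary on {req.kind} {req.request_id}")
    alerts.append(f"{req.kind} {req.request_id} {'released' if not findings else 'blocked'}")
    return (not findings, findings, alerts)


@dataclass
class VendorBankChange:
    vendor_id: str
    requested_by: str
    callback_done: bool
    callback_number_source: str   # "on_file" (known number) or "in_request"


def evaluate_vendor_change(change):
    """Out-of-band verification: accept only after a call-back to the number on file."""
    findings = []
    if not change.callback_done:
        findings.append("no call-back performed")
    elif change.callback_number_source != "on_file":
        findings.append("call-back used a number supplied in the request, not the number on file")
    return (not findings, findings)


if __name__ == "__main__":
    # Constructed sample: a wire above the threshold with two distinct, adequately entitled approvers.
    wire = PaymentRequest("WR-1", "wire", 15_000.00, 15_000.00, "u1", "ap_manager",
                          (("u2", "ap_manager"), ("u3", "controller")), beneficiary_is_new=True)
    print(evaluate_payment(wire))
    print(evaluate_vendor_change(VendorBankChange("V-9", "u1", True, "in_request")))
```

The check refuses the "call-back to the number in the request" case explicitly, because a change request that carries its own contact number defeats the purpose of out-of-band verification; the number must come from the record already on file.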
Operational checklist
- Monthly: review entitlements and remove stale users immediately.
- Quarterly: test your “change vendor bank details” workflow end-to-end.
- After incidents: rotate credentials and re-baseline limits.
This page is educational and does not provide access to any bank portal.