Business Online Banking/Cash Management Best Practices

1st National Bank of Scotia is committed in helping you keep your commercial online banking transactions safe and secure. Recently, there has been a significant change in the way that criminals attempt to perpetuate online banking fraud to steal money from businesses and individuals.

The FBI, National Automated Clearing House Association (NACHA), and FS-ISAC have all reported a significant increase in computer-related fraud that specifically targets small and medium-sized businesses and organizations. The primary targets are online banking accounts that have the capability to directly transfer funds via domestic wire transfers or Automated Clearing House (ACH) transactions.

While 1st National uses industry best practices to safeguard your financial information and assets using the latest tools, encryption and software, your actions can enhance the effectiveness in protecting you from fraud. The criminals have switched their focus to personal and work computers and are able to capture online banking credentials using malicious software (malware).

Once a computer is compromised with malware, it becomes the weak link in the chain of trust that protects your account information and funds. We rely on you to be the first line of defense and have provided some best practices that have proven to be effective in the fight against online fraud and theft.


  • Frequently and carefully review all transactions shown in your bank account via online banking/Corporate Cash Management (CCM)
  • Immediately report any suspicious banking transactions or activity to 1st National Bank of Scotia.
  • Educate users not to share passwords or divulge account or login credential information to anyone.
  • Create a strong password, which includes a combination of letters, numbers and special characters - 1st National Bank of Scotia requires a password of at least eight (8) characters, which must include a minimum of one (1) uppercase alpha character, one (1) lowercase alpha character, one (1) number and one (1) special character.
  • Do not click links or otherwise respond to requests for information in unsolicited emails.
  • Corporate Cash Management (CCM) administrators should regularly review activity within the transfer tab to include internal account transfers, Automated Clearing House (ACH) history, scheduled wires and wire history (if applicable).
  • Ensure that all company computers have the most recent operating system and key application updates as well as current anti-virus, anti-malware and anti-spyware software that are run daily.
  • Ensure that all company computers have adequate firewall protection.
  • Perform all online banking activities from a stand-alone computer system which is dedicated solely to online banking and not used for email and other web activity and disable that computer's capability to browse sites other than
  • Avoid conducting online banking/Corporate Cash Management (CCM) business activities on home computers or at publicly shared locations such as those at internet cafes, hotels, airports, public libraries, etc.
  • Report any suspicion of viruses or slow computers to the appropriate authority at your place of business.
  • Change passwords regularly (every 90 days is recommended).
  • Never leave a logged on computer unattended.
  • Avoid using automatic login features which save usernames and passwords for online banking/Corporate Cash Management (CCM).

Online System Administration and Payments

  • When employees who have access to online banking/Corporate Cash Management (CCM) leave, ensure that the password for online banking is changed immediately or in the case of Cash Management, remove the user's access by contacting 1st National Bank of Scotia at (518) 370-7200.
  • For Corporate Cash Management (CCM) users, limit online services and account access to those relevant to their responsibilities. This includes limiting access to high-risk functions such as ACH batch and origination and wire transfer transactions. Users may also be limited by both per-transaction and daily dollar limits.
  • Corporate Cash Management (CCM) can accommodate payment methods that require two or more users to release balance transfers, ACH batch and origination transfers or domestic wire transfers. With Dual Verification, one compromised user cannot initiate a transaction without another authorized user providing an approval, which may prevent or limit losses due to unauthorized transfers. As part of the Corporate Cash Management enrollment process, you may choose who provides this authorization, for what transactions, for which users, and for what transaction dollar limits for creating and verifying.
  • Ensure that the Corporate Cash Management (CCM) Dual Verification process is conducted from separate computers.
  • Customizable account alerts are available in both online banking and Corporate Cash Management (CCM). These alerts provide you the ability to set a dollar amount threshold and will provide you with an email alert should fall below a pre-determined balance that you have established.
  • Review your 1st National Bank of Scotia Account Agreement and the Corporate Cash Management (CCM) Agreement and understand your obligations regarding fraudulent or unauthorized transactions under these Agreements.

What to Do If You Suspect Online Fraud

  • Contact 1st National Bank of Scotia immediately to report any fraudulent activity. Your immediate action may prevent further theft or compromise. Our phone number for customer service is (518) 370-7200.

For More Information

  • For additional information, please visit or contact 1st National Bank of Scotia directly at (518) 370-7200. 1st National Bank of Scotia will never send unsolicited emails asking you to provide, update, or verify your personal or account information such as login identification, passwords, Social Security Numbers, PINs, credit or debit card numbers, or other confidential information.
Continue to link