2 min read
The core controls
Require two people to approve payments above a threshold. Verify any new payee or change of bank details by calling a number you already hold. Set per-role payment limits so a single person cannot move large sums alone.
Layering defences
Reconcile the bank daily, restrict banking access to named people, and keep software patched to reduce email compromise. Underpin it all with a cash buffer so a single loss is survivable rather than fatal.
What it means for you
Credicorp lends to your company, not to you personally, and takes no personal guarantee. See business loans or apply online.
Frequently asked questions
What is the single most effective control?
Call-back verification of any new payee or bank-detail change on a trusted number, paired with two-person approval for larger payments.
Do I need expensive fraud software?
Not to start. Most business payment fraud is defeated by process — dual authorisation, verification and access limits — rather than technology.
Related reading

What is authorised push payment (APP) fraud?
APP fraud is where you are tricked into authorising a payment to a scammer yourself — because you approved…
Read →
What is CEO fraud or business email compromise?
CEO fraud (business email compromise) is when a scammer impersonates a director to pressure staff into an…
Read →
What is invoice redirection fraud and how do I avoid it?
Invoice redirection fraud is when a scammer poses as a supplier and asks you to change their bank details,…
Read →
A customer is disputing a large invoice and withholding payment — how do I cope with the cash gap?
A disputed invoice can freeze a large receipt for weeks; a short facility covers the gap so a single dispute…
Read →Funding for UK limited companies
Credicorp lends to your company, not to you personally — short-term working capital with no personal guarantee. See what your business could access.