I need a deposit account (but I don't mean a deposit account), know what I'm saying?
July 9, 2007 1:03 PM   Subscribe

You can usually have a regular checking account put on a deposit only status. Call your bank, I know Bank of America does this at the least.
posted by IronLizard at 1:07 PM on July 9, 2007

You may be thinking of an electronic lockbox account. This is an electronic "child" of the traditional lockbox account for receiving and processing mailed remittances. If you are doing cash management services and integrated A/R & A/P processing with your bank, you may already have such services in place, and need only a phone call to activate them.
posted by paulsc at 1:29 PM on July 9, 2007

I don't think you need to be concerned - the routing details on your account are not enough to allow your customers to take control of it and start stealing your money. There is an additional level of security required to do these things, precisely because your routing details are not secure (e.g. they are/were available on checks). Your existing business account should be fine - talk to your bank about it but I don't think you need a specific account with a "no pay out" feature.
posted by patricio at 1:53 PM on July 9, 2007

Seconding IronLizard. Most banks can place a 'debit block' on your accout to prevent any outgoing charges. This won't work if you, yourself, want to write checks against the account or what have you.

You're pretty well-protected against fraud, as long as you monitor your account and report anything suspicious right away.
posted by logic vs love at 2:45 PM on July 9, 2007

my routing/account number on a case-by-case basis and the transactions have gone smoothly. But I know I can't keep doing this when presumably anyone can just take that info, make an account on CCBill, and start buying porn, or worse yet directly wire funds out somehow.

What? Your routing and account number are on every cheque you write. People shouldn't be able to take money from your account with that info alone.
posted by joannemerriam at 3:24 PM on July 9, 2007

Just tell your bank that you want your account to be able to accept incoming wire transfers, but that you want to put a block on outgoing transfers. You don't need any kind of special account for such a thing. I've done this with regular checking and savings accounts.
posted by amyms at 3:38 PM on July 9, 2007

Hmm... interesting. I was told by my bank manager that all it takes to have someone siphon money from one's account is a valid routing number (that identifies the bank) and a checking account number.

She told me this on May 18th of this year, the day I found out that I had $1843 in unauthorized charges appearing on my checking account. (!) Two electronic debits, one in my name, one in someone else's name, and a fraudulent check that was out-of-sequence and imprinted with someone else's name and address. Yikes!

The bank was very nice about the whole matter; they closed my checking account and opened up a new one (but screwed up my electronic bill-pay account for a week or so!), and eventually, a week or so later, refunded the fraudulent charges.

Still, this only goes to show that in the U.S., at least, all it takes is that 9-digit routing number and one's checking account number, and the wrong sort of person can just help themselves to your money.

Sca-RY.

As an aside, I'm like the poster-child for doing most of my banking electronically; I hardly ever use paper checks. But, according to my bank manager, it may not have been a paper check that the thief got the numbers off of; maybe they work at a business that has my routing/checking numbers stored for a regular ACH transaction (for non-U.S.ians, that's where someone else is authorized to debit your account for a specific purpose; say, a monthly payment that you set up with your insurance company or your mortgage company or even the local gym membership—in order to make the ACH transaction possible, you have to give them your routing and checking acct. numbers).

Although locking up an account to prevent outgoing transfers sounds like a good idea, most of us rely on being able to allow such transactions from parties to whom we need to send money.

I wonder if there's a way to add greater security to that link? In fact, I wonder if we've made doing ACH transactions TOO easy... back in 1990 or so, when I authorized Blue Cross to deduct money from my checking account, I actually had to go to my bank and sign a form authorizing the bank to pay Blue Cross by that method.

Haven't had to do that sort of thing for years. After my experience this year, I'm longing for a return to those days. ;-)
posted by kentk at 4:22 PM on July 9, 2007

Your routing and account number are on every cheque you write. People shouldn't be able to take money from your account with that info alone.

Actually, that's pretty much all that is needed to fraudulently take money from someone's account. Give the wrong person your routing number and account number, and your money could be gone by the end of the day. You take a risk whenever you write a check of give someone your account information. But for all electronic fraud, your liability's capped at $50 according to federal regulation E (though most banks won't hold you to that anyway), as long as you report it on time, so the key really is just to monitor your account and not be one of those people who only reviews monthly statements at tax time.
posted by logic vs love at 6:40 PM on July 9, 2007

Unless the funds are going to a bank account in my name, my bank requires that I appear in person to begin a transfer. Your bank may have similar rules.
posted by youngergirl44 at 6:46 PM on July 9, 2007

Sorry to invade someone else's question, but does anyone have any links to information that actually describes how people can take your money with just a routing number? That seems ridiculous. (i.e. cite please.)
posted by blacklite at 7:30 PM on July 9, 2007

first google hit for 'ach fraud'

I work in the fraud department of a bank, and we see this kind of thing all the time. There's a difference between electronic transfers (ACH) and wire transfers... wire transfers are quite a bit harder to forge and almost always need to be initiated in person by the account holder, so if that's only thing the poster is worried about, it's probably not too big of a deal. ACH fraud, on the other hand, requires nothing more than your routing and account number. With that information, I could do an online payment to my credit card, print fake checks to go shopping at Wal-Mart, set up a paypal account and start bidding on some ebay auctions, and do a check-by-phone for my electric bill. It's almost ridiculously easy.

Also see this previous thread.
posted by logic vs love at 8:20 PM on July 9, 2007

With that information, I could do an online payment to my credit card, print fake checks to go shopping at Wal-Mart, set up a paypal account and start bidding on some ebay auctions, and do a check-by-phone for my electric bill. It's almost ridiculously easy.

And all of your fraudulent transactions would eventually bounce.
posted by oaf at 6:10 AM on July 10, 2007

blacklite -- I can vouch for this kind of fraud from personal experiences... back in 2001 when I was with Bank of America, an individual set up some accounts with porn websites using my routing/account number and I temporarily lost $800. I had stupidly put my routing/account # on my website as payment options, after seeing identical examples of this in corporate websites here and there, but I didn't realize this would leave me with NO protection. I did get the money back but I left BoA after they were unable to assure me this wouldn't happen again even with the account closed (!).
posted by stam_broker at 10:01 AM on July 10, 2007

This is just a stab in the dark, but could you arrange for payment using PayPal?
posted by robabroad at 1:47 PM on July 10, 2007

As much as I try to avoid thread steering generally, I'm popping back in here to make the point that the OP originally seemed to ask about business banking protections, which are typically different than consumer level protections, under state and Federal banking regulations. The protections that attach to consumer accounts are often not extended to business accounts, where the expectation is that business accounts will have more complicated transactions or greater volume of transactions being processed, and will be under the control of people with greater legal understanding and fiduciary responsibility.

What would be acceptable practice for consumer accounts, and generally indeminified by bank practice for consumers, is generally not applicable for business accounts. If the question does pertain to business banking, I reiterate that some conversations with your banker regarding cash management are in order. Take their recommendations to heart in designing your processes.
posted by paulsc at 2:45 PM on July 10, 2007

Generally, you have two accounts. One is credit only, the other is a regular account. You can publicize your credit only account with no worries, because no one can spend the money, only deposit into it. You can then transfer funds from the credit only to the regular account, which is secret, to spend the money. This arrangement also greatly simplifies accounting and, sometimes, taxes.
posted by IronLizard at 2:52 PM on July 10, 2007

Huh. I was told by my bank that in order to withdraw funds from my account, people needed more than the routing & account number. That was Royal Bank of Canada. Maybe the rules are different in the US.

I used to work for an American check-printing facility, and we were required to check all orders that came from individuals with their bank to ensure the name, address and account number matched up. It's possible the rules were just company rules, but I was under the impression they were a federal requirement.
posted by joannemerriam at 3:10 PM on July 10, 2007

Business accounts work slightly differently to personal accounts. I do accounts admin for a UK based organisation - no money comes out of our bank accounts without a signature. This applies to direct debits (equiv. ACH?), cheques, standing orders - everything.

This would make sense if you think about the sums involved - there's close to £1m coming out every month.

For personal currents accounts I don't think they even bother checking the signature on cheques.
posted by Well that's a lie at 4:16 PM on July 10, 2007

« Older Are there any good online auct...   |   Any suggestions for securing d... Newer »