October is Cybersecurity Awareness Month—a timely reminder to review tools and practices that help reduce exposure to fraud.
At Chain Bridge Bank, N.A. ("Chain Bridge"), we provide security features designed to assist clients in monitoring transactions and maintaining oversight of their accounts.
Below are key protections available to you.
Positive Pay for Checks and ACH — Complimentary at Chain Bridge
Check Positive Pay compares the checks you issue against those presented for payment. Exceptions—such as mismatched check numbers, amounts, or payees—are flagged for review.
Payee Name Verification, an added feature, compares the payee name you provide against the name captured from the check image.
ACH Positive Pay allows you to set rules for ACH debits; transactions that do not meet your criteria are flagged as exceptions.
Chain Bridge offers Check Positive Pay (with optional Payee Name Verification) and ACH Positive Pay as complimentary services for commercial clients.
Q: What is Positive Pay?
A: Positive Pay is an automated fraud-detection tool that matches issued checks or ACH entries against presented transactions to identify alterations or unauthorized payments.
Why Reduce Reliance on Paper Checks
While Positive Pay helps mitigate check risk, paper checks remain especially vulnerable:
- Checks are frequently stolen from mail, altered, or counterfeited.
- Industry data shows check fraud remains the most common form of payment fraud, affecting a majority of organizations.
- Checks are slower and more costly to process than electronic payments.
- Electronic channels—such as wires, ACH, and Bill Pay—include additional authentication and review controls, but like all payment methods they are not risk-free and may be targeted by phishing or other scams.
Clients should select payment methods that best align with their business needs and online experience.
For further guidance, visit the American Bankers Association's resource on Check Fraud.
Dual Control and Multi-Level Approvals
Requiring multiple approvals remains one of the most effective defenses against fraud.
For most business clients, dual control—one user to initiate and another to approve—is Chain Bridge's recommended procedure for wires, ACH, and Bill Pay.
For larger organizations, our Treasury Management system supports up to four authorization levels for wires and ACH.
⚠️ Important Legal Note (UCC 4A-202)
Under UCC Article 4A-202, the “security procedure” is the procedure agreed upon between the customer and the Bank.
If you elect single control, that becomes the agreed procedure, and the Bank is entitled to rely on any payment order that complies with it—even if you did not authorize it.
The same principle applies if dual or multi-level controls are agreed, but requiring more than one approver greatly reduces the risk of an unauthorized transaction being executed.
We strongly recommend all commercial clients transmitting wires, ACH, or Bill Pay online use at least secondary authorization. If you currently operate on single control, please contact your Relationship Officer to add a secondary authorizer.
Multi-Factor Authentication (MFA) — Required at Login and Payment Initiation
Chain Bridge requires multi-factor authentication at both login and payment initiation. MFA uses more than one method of verifying identity and can significantly reduce, though not eliminate, the risk of fraud.
SMS (text) codes are supported for convenience but are more vulnerable to interception, SIM swaps, or spoofing; we discourage relying on them as your primary method.
Authenticator apps (e.g., Google Authenticator, Microsoft Authenticator, Authy, Duo Mobile, Bitwarden Authenticator) are stronger, widely supported alternatives. Passkeys and secure tokens provide additional options.
For clients with high balances or large transaction volumes, we strongly recommend FIDO2 security keys.
Q: What are FIDO2 keys?
A: FIDO2 keys are small physical devices (USB or NFC) that use public-key cryptography to verify identity. Because the private key never leaves the device and authentication is tied to the legitimate website, these devices are resistant to phishing and credential theft. Examples include YubiKey 5 NFC / 5C, uTrust FIDO2 NFC, and Token2 T2F2-PIN+ (no commercial endorsement implied).
⚠️ Note
FIDO2 security keys are not supplied by Chain Bridge Bank, N.A. Clients must purchase them independently from trusted, authorized vendors—such as directly from the manufacturer or established distributors. Purchasing from unverified sources may increase the risk of counterfeit or compromised devices.
If you are considering FIDO2 keys, your Relationship Officer can provide general information about using these devices with your Chain Bridge accounts.
Advisory Disclaimer: Chain Bridge Bank, N.A. does not provide tax, legal, or accounting advice. Clients should consult their own advisors.
Phishing, Smishing, and Spoofing Awareness
Fraudsters often impersonate trusted parties to obtain credentials or approvals.
- Phishing: fraudulent emails that appear to come from legitimate sources.
- Smishing: fraudulent text messages attempting to deceive recipients.
- Spoofing: falsified caller ID information, email addresses, or URLs that appear authentic.
⚠️ Caller ID and sender information are not reliable.
Criminals can make calls, emails, or websites appear to come from Chain Bridge Bank, N.A. or another trusted institution. Always review the sender’s full email address carefully, and confirm that website URLs begin with https://www.chainbridgebank.com or another verified address before clicking any link.
Chain Bridge will never call, email, or text asking for your password or one-time passcode. If you receive such a message, do not rely on caller ID or sender details. Instead, hang up or close the message and contact us directly using the official numbers listed on our Get in Touch page — for example, 703-748-2005.
What You Can Do Today
Ask your Relationship Officer about activating Check Positive Pay with Payee Name Verification and/or ACH Positive Pay to help detect unauthorized or altered transactions more quickly.
Evaluate whether payments made by check can transition to electronic channels (wires, ACH, or Bill Pay) based on your comfort level and business needs.
Confirm that appropriate authorization controls—such as dual control or multi-level approvals—are in place for wires, ACH, and Bill Pay.
If you currently use single control, contact your Relationship Officer to discuss adding a secondary authorizer.
Enhance your login security: move away from SMS codes and adopt more secure options such as authenticator apps, passkeys, or security tokens. Consider FIDO2 keys if you manage high balances or multiple devices.
Stay alert to suspicious emails, texts, or phone calls. Avoid clicking unfamiliar links or attachments, and verify authenticity before acting.
Our Commitment
Chain Bridge is committed to providing information and tools to help clients manage security risks. While no system can eliminate all risk, reducing reliance on paper checks and adopting stronger authentication and approval controls can improve oversight and resilience.
