Processing and handling ABA (Australian Bankers Association) cemtex files is often identified as a weak spot in payroll processing.
Most payroll systems are set up with roles and permissions, audit trails and exception reports. However, they’re often not built to initiate the payment of employee wages.
Instead, as the last step in the payment process – the payroll team generally outputs a text file to a system directory folder for manual upload into an online bank system (as banks only accept a standard file format to generate electronic fund transfers).
This less than perfect process leaves the humble ABA file open to manipulation and fraud.
That’s why we’ve put together a quick checklist of ways to improve your ABA file handling. Even better, you can automate these tasks using Paytools.
We’ve also created a free best practice checklist [PDF version] you can keep. Download it here.
Here’s some simple checks and tips on handling ABA files
Check whether your payroll vendor supports automatic loading of the ABA file
Ideally there should be no human intervention in sending the ABA file to your online banking portal. Check with your vendor if they support automation of this process.
Automate transfer of the ABA file from payroll system to your secure folder
By eliminating manual handling of the ABA file produced by the payroll system, you can reduce the chance of someone altering the ABA file.
Restrict access and permissions on the folder the ABA file is being saved in
Reduce the chance of fraud by limiting the amount of people who have access to the folder the ABA file is stored in.
Ensure ABA file is not being updated manually to correct errors
Avoid updating the ABA file manually to correct errors. This practice encourages the wrong behaviour and can allow future fraudulent activities.
Errors in the ABA should instead be fixed at the source (payroll system) and the ABA produced again to ensure the correct internal controls are being followed.
Minimise touch points of generated ABA files
Reduce the number of touch points in the ABA file generation and send process.
Investigate whether your payroll system supports direct secure file transfer protocol (SFTP) transfer of the file to a secure location for your finance team to process in the online banking portal.
Turn off manual edits for ABA files in online banking
If possible, remove the ability to make manual edits to ABA files in online banking. If this is not possible, review the audit trail of past ABA payment transactions.
Archive and protect old ABA files
Archive and protect old ABA files. This ensures old ABA files cannot be used as a template for fraudulent payments.
Default the ABA file to be write protected direct from the payroll system
By making the produced ABA read-only, you’ll minimise the risk of the file being edited before being uploaded to online banking.
Use a hash total on the bank file where possible
Does your payroll system or online banking use a hash total to detect changes to bank account or transaction amounts?
If possible, enable functionality to turn on hashing of the ABA file so any manual manipulation of the file will be rejected by the online banking upload.
Want more best practice and checklist templates?
Request a demo of our payroll operations software and we’ll guide you through the whole process. It provides a complete library of payroll compliance checks so you can create an automated recurring schedule for managing your compliance obligations.