Check fraud historically has been one of banking’s most serious and continuing criminal concerns. The 2009 American Bankers Association Check Fraud Study indicated there were 761,000 cases of check fraud in 2008 with losses of $1.24 billion. This is compared to 561,000 cases and $970 million in losses in 2006.

The United States Secret Service estimates $5 billion a year in US check fraud. The Chief of the Financial Crimes Division calls check fraud “the number one way criminals today are attacking our financial systems”. They also indicate that the imprisonment rate for check fraud is only 2 per cent. According to the 2010 Federal Reserve Payment Study there were approximately 24.5 billion checks paid in 2009 with a value of $36.1 trillion. Unless the debit card or other electronic payments completely replaces the check, check fraud will never be eliminated. It is just too profitable, especially for organized criminals. Banks can substantially reduce check crime by developing and following proactive strategies to avert loss. Managers involved with fraud should:

1. DEFINE the problem;
2. IDENTIFY contributing factors;
3. CLASSIFY check fraud by category;
4. IMPLEMENT prevention tactics;
5. IMPROVE communication

Defining Check Fraud

Check fraud includes altering a check, forging the maker’s signature or payee endorsement, counterfeiting, telemarketing fraud, and checks drawn on closed accounts.

Those who commit these frauds believe that there is a minimal risk of apprehension. They are often confident, professional, and intelligent. They prey on the weakness in our systems and have little sympathy for banks as victims. They do not view their acts as serious or dangerous crimes.
Check fraud perpetrators are sophisticated. They know when checks clear. They’re familiar with Regulation CC, which mandates funds availability on deposited items within specified time frames. They then check fund balances at ATM machines. It appears that, for many banks, the funds-availability schedule is shorter than the check return-item cycle.

Perpetrators of fraud also know that the larger banks and law-enforcement agencies set a minimum dollar amount for investigations. In large cities, particularly, these thresholds are very high because fraud investigations can be costly.

Contributing Factors

The proliferation of desktop publishing software which has made the creation of a counterfeit check easier and more affordable. The use of laser printers and MICR ink printers to produce fraudulent checks.

Check Clearing for the 21st Century Act (Check21): While new technology can increase the efficiency of a check clearing process, it also can create new opportunities for fraud. Remote deposit capture (“RDC”) devices such as iPhone cameras are convenient to consumers. The digital images, however sometimes fail to capture many of the protections developed over the past two generations to mitigate check fraud. How can we prevent criminals from scanning a check for deposit at a bank and then try to negotiate the same instrument with a teller? The Financial Crimes Enforcement Network (“FinCEN”) SAR Activity Review October 2011, states “Banks reported instances where paper checks already deposited electronically using RDC services were presented again for deposit in a teller line. Conversely banks, reported cases where checks that already had been negotiated were presented again for deposit via RDC. While fraudulent check re-presentment schemes are not new, the use of RDC services does provide an additional channel for their perpetration.” We need to anticipate such risks as we develop new products.

• The availability of information from the Internet concerning customer information.
• The continued increase in the efforts of organized criminal elements.
• Competition among financial institutions that discourage banks from doing anything that would inconvenience their depositors.

Other factors contributing substantially to the proliferation of check fraud include:

• Regulatory: The requirements of Regulation CC, which implements the Expedited Funds Availability Act, are common knowledge among perpetrators of new-account fraud.
• Criminal Organization, Sophistication: Check-fraud perpetrators are organized criminals who have built “alliances on greed.” They identify weakness in our systems and systematically exploit them. When one opportunity ceases, they nimbly redirect their attack to the next available option. We bankers must develop comprehensive strategies to address such threats.
• Competitiveness: Banks today must balance safety and soundness against customer convenience. Cost-containment requires doing more with less in fraud prevention and elsewhere.

Classifying Losses

Allocating fraud-prevention resources properly requires that check-fraud losses be ranked in order of perceived institutional risk:

1. Counterfeiting
2. Kiting
3. New-account/funds availability
4. Forged makers, signatures
5. Forged endorsement

Counterfeits are relatively low in volume, but represent very high risk per incident. Today’s counterfeiter has the advantage of advanced technology. For instance, counterfeiters often purchase genuine cashier’s checks for normal amounts, and then use them as prototypes for photo-offset lithography. They use computers to scan a genuine check or portions of it, such as a company logo. The computer-constructed model is then used to print counterfeits, using laser and MICR printers. A $250 scanner and color ink-jet printer can prepare a highly acceptable check in about two hours.

Kiting is the floating of worthless checks between accounts at two or more banks, with each account consisting of checks drawn on others. Regulation CC’s mandate for rapid availability of funds makes kiting more difficult to prevent. The longer a kite is undetected, the greater the probability of a large loss making kiting an especially costly area.

New Account Fraud is a simple but frequently lucrative scheme. Checks deposited into a new account are written on closed and worthless accounts, and the funds withdrawn before the deposited checks are returned unpaid. Perpetrators know that a bank’s competitive emphasis on rapid customer service undermines fraud-loss concerns {see “New-Account Fraud”}.

Forged Signatures often go undetected by signature-verification safeguards for two reasons:

1. It is economically feasible to scrutinize only a small percentage of all checks being processed; and
2. Verifiers usually only have 15-20 seconds to review any check.

Forged Endorsements typically involve larger losses, often under the “trusted-bookkeeper” scenario when an employee deposits checks made payable to the employer. Another scheme involves victimizing good accounts: Customer information is obtained through statements, trash, insiders (employees), pick-pockets, and a multitude of other sources. Spurious checks are then deposited to or cashed against the victims account. Customer confidentiality is breached through banking’s automated systems such as mailing lists, marketing databases, and bank-by-phone services.

Account Sweeteners have fooled unsuspecting tellers for many years. They involve simple check transactions of two types SPLIT DEPOSIT, in which a portion of the check is deposited while a significant portion is taken in cash, or REQUEST FOR ENCASHMENT, in which more than one check is presented, one for encashment and the other(s) for deposit. In both instances, the perpetrator seeks to gain the teller’s acceptance and confidence.

These are the major types of check fraud, but there are many variations as well. Whenever they occur, they should be classified so that you can identify areas in need of preventive measures. By tracking specific types of check fraud, you can analyze their incidence over time, comparing losses by period.
Trends are generally more important than absolute when analyzing check-fraud data. Each category should be compared by month, quarter, and year.

Prevention Techniques

The continuing losses in check fraud are forcing banks to adopt proactive countermeasures. A sound maxim: SPEND AT LEAST AS MUCH ON PREVENTION AS YOU DO ON INVESTIGATION.

A program to prevent check fraud should start with a strong organized strategy. It should incorporate:

1. Centralized Reporting of potential losses to an area such as security, auditing, or a risk-management function.
2. Proper Monitoring, Classification, and Analysis of all losses to identify trends, patterns, and spikes in normal activity.
3. Communication with Senior Management to ensure they are aware of significant areas of operating losses.
4. Communication Among Internal Partners – auditing, security, legal, and check-processing- to discuss fraud concerns.
5. Assessment of Operating Polices and Implementation of Needed Changes.
6. Check-Fraud Awareness Training targeted to specific types of fraud and the areas where they occur.
7. Education of Corporate and Personal-Account Customers, via statement stuffers, seminars, account-officer discussions, and the like.
8. Involvement of Security/Investigation Staff in early stages of product development as pre-rollout team members, so that they can help identify unacceptable risks before new products are introduced.
9. Development of Prevention and Detection Award Programs/Enforcement of Accountability – incentive vs. disincentive.
10. Modification of Traditional Investigative Objectives – quantify/recover, and identify/prosecute-by adding another important ingredient: ANALYZE/PREVENT.

Key Communications 

Preventing check fraud depends greatly on banks communicating with each other, so banks should not be adversarial when it comes to sharing fraud-prevention strategies and intelligence. While we must be mindful of privacy issues, we can still share a great deal of information without violating an individual customer’s right to financial privacy.

As a protection against civil litigation, some banks include information provisions in their deposit agreements. For example: “You authorize the bank, and any affiliate of the bank, to exchange information about you and your accounts. You also authorize the bank to provide any documentation and/or information about you and your accounts in connection with banking transactions and in other circumstances that the bank deems necessary and appropriate.”

A number of interbank communications mechanisms already are in place, including:

1. The International Banking Security Association (IBSA) through ibsa, many of the world’s largest banks share fraud intelligence through regular meetings and daily information exchanges utilizing electronic mail.
2. Industry Conferences offer knowledge and networking opportunities.
3. Clearing-House Associations throughout the country meet regularly to discuss fraud issues and develop prevention strategies.
4. Local Bank-Fraud Committees exchange information on current regional fraud trends and deterrent methods. Some banks have developed internal early-warning systems. Others work with vendors to detect check-fraud potential (See Early Warning Systems).

Intrabank Networking

Communication within a bank is also crucial. Check-fraud prevention should be cross-disciplinary: An effective program requires teamwork and continuous dialogue among security, investigations, auditing, risk-management, legal and check-processing departments, and line management. In addition, continuous liaison with law enforcement and regulatory agencies is vital.

Countering Counterfeiters

Current counterfeit control measures include:

• Control Disbursment is one of the best ways to stem counterfeiting of corporate accounts. One of the most common-and extremely effective-check payment control systems simply compares checks presented for payment against a file issued by the customer. Non-matching items are not paid.
• Deposit Agreements requiring use of the bank’s vendor when ordering checks. Customer-generated or external vendor checks are unacceptable. If non-bank checks are used and then involved in a counterfeit attempt, the customer may be liable.
• Software Products which flag suspicious checks based on deviations from established ranges of sequence numbers, dollar amounts, and volume are available from vendors.

New Account Fraud

The prevention of new-account fraud requires a comprehensive account-opening procedure focused on knowing the customer. Any suspicion associated with an account should trigger a call to the customer’s place of business to personally verify application statements, including Social Security number and mother’s birth name. Strict identification requirements-at least two pieces of reliable identification-should be mandatory.

Both vendor and in-house verification systems should be used to screen accounts before opening them. If possible, delay checkbook orders and ATM-card issuances until references have been verified. Use sound business judgment: If some detail doesn’t make sense, the account is probably fraudulent.

In verifying accounts, observe alarm signals: For example, be cautious of accounts opened with only a small cash deposit that use P.O. boxes or suites as addresses, or that list temporary or self-employment.
Watch for handwriting anomalies, a possible sign of an organized fraud ring. Re-examine suspicious identifications. Does the applicant neither live nor work in the branch location. Monitor undelivered mail, because a valid applicant is unlikely to give an address and move quickly or without notification.
Finally, designate a supervisor to review all-or at least-selected-new account applications,

Fraud Early-Warning Monitoring Systems

Analyze previous losses in developing in-house early-warning systems. Given that fraud perpetrators are using technology with great success, we need to develop additional automated systems to prevent fraud against our institutions, and we must share technological insights at every opportunity.

To counter check fraud, banks must use the same type of proactive tactics that criminals find so profitable. We must organize strategically and put available technological resources to good use. And we must remember to communicate effectively, especially when it comes to sharing information.

1. A fraud screening system is a database of names and addresses of individuals and businesses previously identified as undesirable. The system is fed information from investigated cases, newspaper clippings, shared intelligence, and known relationships to organized crime. This name/address system is compared to the new-account file daily and matches are reported to the investigation department. This early-warning system results in closing high-risk accounts before fraud occurs.
2. A MICR Line System is a database of routing and account numbers from checks drawn on closed fraudulent accounts. Each night, this database is compared to the bank’s all-items file (which contains a MICR line record of all checks processed that day). A report is produced, listing deposits, encashments, and payments made using these same fraudulent checks. Holds are placed against these deposited items and fraudulent accounts are easily identified.
3. New Account Fraud– This system identifies patterns indicative of new account fraud, such as an unusually large check deposit to a recently opened account.
4. ASI-16 (Antonori Software Inc.) fraud detection software-A fraud detection filter that examines daily check transactions and compares them to the individuals check writing history through a predefined set of bank parameters.

Let’s summarize what we covered:

• Proactive actions are necessary.
• Alternatives are available:
  • Organizational strategies
  • Applied technology
  • Vendor supplied products
  • Communication and sharing information is imperative.

In conclusion, there are 5 key areas that need to be addressed in order to effectively prevent check fraud losses:

1. You must define and size the problem.
2. Classify the losses.
3. Determine the contributing factors.
4. Employ proactive prevention techniques.
5. And most important – COMMUNICATE.

Charles J. Bock Jr., CFE, Retired Senior Vice President and Global Director of Fraud Prevention and Investigation at JPMorganChase. He currently is the President of Charles J. Bock Jr. and Associates, a financial fraud solutions consulting firm.