Check use has declined for years as consumers gravitate toward faster, more digital transactions. Yet despite the slow and steady phasing out of checks, the financial sector has seen a recent uptick in check fraud.
FinCEN reported 680,000 instances of known check fraud in 2022, and those trends continued into 2023, with experts estimating a whopping $24 billion in losses. 40% of community bankers who responded to CSI’s 2024 Banking Priorities Executive Survey listed check fraud as one of the top types of fraud they encounter, only narrowly losing out to card and wire transfer fraud. Only half saw their prevention measures as very effective.
Why has check fraud increased, and what can financial institutions do about it? This blog explores the problem and how well-implemented solutions like positive pay can help stem the tide.
What is check fraud?
At its simplest, check fraud encompasses any effort to fraudulently obtain funds through manipulation of traditional checks. Although certain forms of fraud like account takeovers can be related, these can also be achieved by different means like phishing. Common types of check fraud, explored in more detail later, include check forgery, check theft and check washing.
Some forms of check fraud involve modifying actual checks, others involve taking advantage of how checks are processed and still others involve creating false checks altogether. It can vary from very complex – like a fraudster creating a false business to cash checks – to far simpler, such as check theft and modification. Although check use has declined, fraud still poses a risk to consumers, businesses and financial institutions.
Why is check fraud on the rise?
Fraudsters have sought to manipulate paper checks for about as long as checks have existed, but recent years have seen a surprising increase in fraud with a modern twist. For many, the resurgent trend became most evident during the distribution of COVID-19 relief checks, as fraudsters exploited the confusion and emotion of the moment. But it didn’t stop there, as check fraud has spread to areas like social security checks, unemployment benefits, paychecks and more.
Fraud in particular domains will inevitably increase when there aren’t enough safeguards to prevent it. In addition, instances of fraud tend to grow when the economy begins to dip or enter uncertain territory, like throughout a pandemic or times of intense inflation. As technologies to combat financial crime become more sophisticated, fraudsters seem to recognize more opportunities for exploitation to make money faster, such as the widespread manipulation of government relief checks.
Another contributing factor to the uptick is its relative ease and profitability if there aren’t enough precautions. Although check use has decreased, the average dollar amount of the typical check has increased and is often used for more considerable expenses like paying employees or bills. So, it’s a ripe opportunity for fraudsters to make more in a shorter period.
How are fraudsters getting access to checks?
Much of this reported rise in check fraud has ties to the U.S. mail system. The United States Postal Service warned consumers after the theft of checks exploiting COVID-19 relief lost victims thousands. It urged consumers to avoid mailing checks in general and helped bring public awareness to problems like sophisticated fraudulent operations, with participants even infiltrating post office distribution centers.
But it’s not all as elaborate. In many instances, fraudsters fish out mail from mailboxes that may look like a check or bearer of sensitive information, then exploit that information for profit. In rarer cases, mail carriers have been held up at gunpoint and robbed of such mail.
Insider threats, either at financial institutions or at post offices, exacerbate the problem. In some cases, insiders at these organizations have been caught siphoning out valuable information from these checks to fraudsters. As a result, any organization that handles checks should carefully consider what their insiders can access.
What are the types of check fraud?
While check fraud tactics all have the same goal – exfiltration of fraudulently acquired funds – the tactics and red flags can vary. Check fraud exploits the fundamental weakness in checks – they contain a great deal of personal information, including names, addresses, bank accounts and sometimes phone numbers or identification numbers. Types of check fraud include:
- Check washing: Also known as altered checks, this method involves using a solvent to remove the ink on a check and replacing amounts and names.
- Check kiting: A criminal opens an account at two or more banks, then writes a check from one account to the other and cashes it out from the second account before the fraud is discovered.
- Counterfeit checks: Fraudsters create entirely false checks, typically with advanced software to emulate existing checks at an institution.
- Check forgery: Often following some form of theft, checks are seemingly written from the actual account owner to an inappropriate recipient.
- Check theft: This bears mentioning, as direct theft of a physical check can lead to several of the above.
The most common type of check fraud is a simple modification of a legitimate check. Once a fraudster obtains a victim’s check, they typically modify the dollar amount and recipient. These instances make knowing the customer and their spending habits particularly critical for financial institutions.
As technology improves, financial institutions are also seeing a resurgence of counterfeit checks. While less common than check washing, other tactics can be as costly. For instance, check kiting takes advantage of the float time of cashing a check. This could even involve multiple banks and a series of revolving checks.
In some cases, fraudsters sometimes will even set up fake businesses and create counterfeit IDs to deposit checks. In others, suspicious emails or texts can urge unassuming customers to submit their own checks into a fraudulent account through solutions like remote deposit capture. Although it can be challenging to detect alterations or differentiate the norm from the fraudulent, financial institutions and other businesses accepting checks should be on high alert for any amount or behavior that seems suspicious.
Who is most at risk of check fraud?
According to the reports from the Washington Post and similar sources, check users skew older and more rural. Three-quarters of retirement-age Americans still use checks. This makes sense, given that this group relies less on technology and remains familiar and comfortable with paper checks. However, they can also be more at risk for fraud and must be educated to know the steps to avoid it.
Check users also skew toward higher socioeconomic status, reinforcing the opportunity and monetary value for criminals. 15% of consumer bills are also paid via check, and 1.8 billion checks were used by consumers in 2023. So, while check use is declining overall, it will be some time before the practice finally phases out.
Who is liable for check fraud?
Although it depends on the individual circumstance, the financial institution is often on the hook for at least a portion of the lost funds. However, this is not always the case, if an investigation into the fraudulently cashed check reveals that there was negligence on the part of the account holder and the institution made a good faith attempt at due diligence to review the transaction.
Ultimately, consumers must exercise care with their accounts and checkbooks. Financial institutions also have an opportunity to educate appropriately. Regardless of whether the institution or its customer is found responsible, undetected fraudulent checks generally result in anxious customers and economic losses for everyone but the criminals.
What can financial institutions do to prevent check fraud?
As with all forms of fraud, the best defense against check fraud is staying alert and knowing the signs. For instance, consumers may be less inclined to mail a check if they are acutely aware of the risks. They may be less likely to rely on checks altogether if they have the technology, training and convenience to pay another way.
However, education isn’t limited to customers. Bank personnel should be better trained to spot bad checks. If they know some red flags (explored in more detail below), they will be better equipped to prevent them. Similarly, some tellers may need to say no when a pushy fraudster (under the guise of a dissatisfied customer) urges them to overlook red flags.
As mentioned, technology can also help in the constant effort to prevent fraud. For instance, an institution can update its remote deposit capture solution to enable real-time updates and alerts to its fraud team. Data visibility can help ensure bad checks are stopped, and good ones aren’t cashed multiple times. Implementing positive pay is another critical strategy, explored in much more detail below.
How can consumers protect themselves from check fraud?
The most straightforward way for consumers to avoid falling victim to check fraud is to move away from physical checks altogether. Implementing direct deposit for their paychecks or electronic bill pay helps eliminate the need for most checks.
In other instances, basic phishing prevention tactics can be helpful, primarily if the fraud is implemented through remote deposit capture. Here, education from financial institutions can be critical. Resources from such organizations as the Federal Trade Commission can help consumers spot additional fake check scams.
Business customers should sign up for positive pay to secure their funds and payments. Although it is an expense for the bank, educating and urging these customers on the value of positive pay is essential. In the long run, the measure improves risk mitigation and customer satisfaction by comparison to potential cases of fraud.
What is positive pay?
Positive pay is an optional feature that banks can add to their existing core banking platform that tracks the checks issued and paid on selected commercial accounts, or the bank’s official checks account. It helps detect fraudulent checks by comparing ones to be cashed with ones already issued in the system and a predetermined set of parameters.
It’s also a form of insurance against fraud, losses and other liabilities to an institution. The system compares the account number, check number and dollar amount of each check presented against a list provided by the company to protect against forged, altered or counterfeit checks. Payee names may also be included on the list of issued checks. If the payee’s name from the check image does not match the payee’s name from the issued check file, exceptions can be generated.
When the information doesn’t match the check, the bank notifies the customer through an exception report, withholding payment until the company advises the bank to accept or reject the check. The bank can also flag the check, notify a representative at the company and seek permission to clear it.
Positive pay adds a layer of security by requiring verification of key details, minimizing the risks of unauthorized or altered checks being paid. For instance, altered checks will typically be entered outside the account-specified parameters with different names or amounts.
How does a positive pay system work?
Essentially, positive pay verifies that details on a check fit within the approved parameters of the account holder before it is cashed. It offers bankers a more convenient view of potentially fraudulent checks, so that they can either reject the check, make a correction or remove it from the list of suspected fraudulent items.
Account holders must sign up for positive pay to participate. When an entity with a positive pay account issues a batch of checks, they submit a file to their bank containing details of the checks to be issued. This file typically includes information such as account number, check numbers, issued date, payee name and the check amount. When a check is presented for payment at the bank, the bank then compares the presented check with the information submitted during check issuance.
If the details of the presented check match the information the account holder provided during check issuance, the check is processed for payment. If there is a discrepancy, the check is flagged as an exception. During nightly processing, the technology provider will identify items that were paid, so the bank can update the issued check file.
In the event of an exception, the bank notifies the account holder or the person responsible for managing the account of any exceptions or discrepancies. The account holder then reviews the exception items and decides whether to authorize the payment or reject the check. This decision is typically made through an online portal or by communicating directly with the bank. Increasingly, positive pay services also give account users the option to automate decision-making as they decide.
Another variation, reverse positive pay, works similarly. In this case, the business customer does not upload a list of issued checks. As a result, all paid checks will generate an exception and the end customer can then review each posted check.
How does positive pay detect check fraud?
Positive pay evaluates checks for various discrepancies that may indicate a fraudulent check. In general, the system looks for exceptions like:
- Paid not issued item: The check number of the paid item does not match any issued item that was uploaded.
- Duplicate check number: Two or more paid items have the same identification number.
- Mismatched account: The amount of the paid item does not match the amount of the issued item. This could indicate a counterfeit check wherein the amount was fraudulently altered.
- Voided item: A paid item matches an issued item marked as void and should not have been paid.
- Payee name mismatch: The payee’s name from the check image does not match the name provided in the issued check file.
- Stale checks: The check was not cashed within the days to post specified in the account options.
- The amount exceeds the limit: The check exceeds the dollar amount defined in the account options.
- Low/high check number: The check number of the paid item is lower or higher than the check number range defined in the account options.
Sometimes, a flagged item may result from an error, like a misread check or incorrectly entered information. If a check gets flagged, the amount is correct and the check is legitimate, the institution or their customer can approve the exception.
What accounts are eligible for positive pay?
Positive pay can be offered to any demand deposit account, making it a versatile solution for financial institutions and their clients. While it can be implemented across a range of accounts, accounts with large balances and a high volume of transaction activity will benefit the most from the service.
Financial institutions may find positive pay especially beneficial for corporate, commercial and multiple cash management customers. These entities often engage in a significant volume of check-based transactions, making them prime candidates for enhanced security and fraud prevention mechanisms. Business clients may have many checks circulating within their business operations, and the ability to establish specific parameters for check authorization further adds to the appeal of positive pay for these entities.
Moreover, the bank gains substantial advantages by implementing positive pay for its accounts. This underscores the institution’s commitment to safeguarding its financial assets and serves as a proactive measure against fraudulent activities that could potentially affect the bank’s overall economic stability.
How does positive pay automation work?
Banks that wish to accelerate their positive pay processes may consider automating tasks to shore up defenses faster. Ultimately, the end customer should be reviewing their exceptions each day. When exceptions still exist after the cutoff time, automatic decisions can be made rather than marking items manually. This enables the automatic flagging of checks as either approved items or as returned items. If returned, additional automation can pass the items to the bank’s chargeback system as non-NSF returns.
To implement positive pay automation, banks can set a cutoff time and specify the accounts for which automated decisions should be applied. Beyond this cutoff time, the institution can choose specific accounts for which they want decisions to be made automatically. The bank can opt to auto-approve or auto-return checks for these accounts. In cases where exceptions arise, business customers can still intervene and make decisions prior to the designated cutoff time.
How long will today’s check fraud trends continue?
The surge in check fraud will likely dwindle as check use continues to phase out of practice. In the meantime, a healthy mix of education and well-implemented technology makes a significant difference.
Bankers everywhere should continue to keep an eye on these fraud trends for years to come. Want to know what else is on bankers’ minds this year? Don’t miss CSI’s interactive 2024 Banking Priorities Executive Report.
Check it out
Jason Young, Head of Core Banking
Jason Young oversees CSI’s core solutions and robust ancillary product suite, including business intelligence solutions, branch/retail delivery solutions and document archival. He also has supervised the development and integration of many products/services into CSI’s NuPoint core processing platform. Jason holds a diverse banking background, having served as a credit underwriter and commercial lender with Regions Bank before joining CSI.