Protecting Your Organization Against Check and ACH Fraud


Published on

Webinar series from FraudResourceNet LLC on Preventing and Detecting Fraud in a High Crime Climate. Recordings of these Webinars are available for purchase from our Website

This Webinar focused on the subject in the title

FraudResourceNet (FRN) is the only searchable portal of practical, expert fraud prevention, detection and audit information on the Web.

FRN combines the high quality, authoritative anti-fraud and audit content from the leading providers, AuditNet ® LLC and White-Collar Crime 101 LLC/FraudAware.

The two entities designed FRN as the “go-to”, easy-to-use source of “how-to” fraud prevention, detection, audit and investigation templates, guidelines, policies, training programs (recorded no CPE and live with CPE) and articles from leading subject matter experts.

FRN is a continuously expanding and improving resource, offering auditors, fraud examiners, controllers, investigators and accountants a content-rich source of cutting-edge anti-fraud tools and techniques they will want to refer to again and again.

Published in: Economy & Finance, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Protecting Your Organization Against Check and ACH Fraud

  1. 1. Protecting Your Organization Against Check and ACH Fraud March 6, 2013 Special Guest Presenter: Paul McCormack, CFE Connectics Copyright © 2013 FraudResourceNet™ LLC About Peter Goldmann, MSc., CFE  President and Founder of White Collar Crime 101 Publisher of White-Collar Crime Fighter Developer of FraudAware® Anti-Fraud Training Monthly Columnist, The Fraud Examiner, ACFE Newsletter  Member of Editorial Advisory Board, ACFE  Author of “Fraud in the Markets” Explains how fraud fueled the financial crisis. Copyright © 2013 FraudResourceNet™ LLC
  2. 2. About Jim Kaplan, MSc, CIA, CFE  President and Founder of AuditNet®, the global resource for auditors  Auditor, Web Site Guru, Internet for Auditors Pioneer Recipient of the IIA’s 2007 Bradford Cadmus Memorial Award.  Author of “The Auditor’s Guide to Internet Resources” 2nd Edition Copyright © 2013 FraudResourceNet™ LLC Paul McCormack, CFE  17 years of fraud, litigation and business consulting experience  Worked directly with agents from federal, state and local law enforcement agencies including the F.B.I., G.B.I., D.E.A., and the Secret Service  Previously managed check fraud detection for SunTrust Banks Copyright © 2013 FraudResourceNet™ LLC
  3. 3. Webinar Housekeeping This webinar and its material are the property of AuditNet® and FraudAware®. Unauthorized usage or recording of this webinar or any of its material is strictly forbidden. We will be recording the webinar and you will be provided access to that recording within five business days after the webinar. Downloading or otherwise duplicating the webinar recording is expressly prohibited. Please complete the evaluation to help us continuously improve our Webinars. You must answer the polling questions to qualify for CPE per NASBA. Submit questions via the chat box on your screen and we will answer them either during or at the conclusion. If GTW stops working you may need to close and restart. You can always dial in and listen and follow along with the handout. Copyright © 2013 FraudResourceNet™ LLC Disclaimers  The views expressed by the presenters do not necessarily represent the views, positions, or opinions of FraudResourceNet LLC or the presenters’ respective organizations. These materials, and the oral presentation accompanying them, are for educational purposes only and do not constitute accounting or legal advice or create an accountant-client relationship.  Any mention of commercial products is for information only; it does not imply recommendation or endorsement by FraudResourceNet LLC Copyright © 2013 FraudResourceNet™ LLC 5
  4. 4. Today’s Agenda             Introduction Fraud Statistics Auditor’s Role in Fraud Detection Check & ACH Fraud Statistics Main Types of Check Fraud Red Flags of Check Fraud How ACH Fraud Occurs Red Flags of ACH Fraud Detecting Check and ACH Fraud Prevention/Control Measures Conclusion Questions Copyright © 2013 FraudResourceNet™ LLC The Auditor’s Role  IPPF Standard 1210.A3  Internal auditors must have sufficient knowledge of…available technology based audit techniques to perform their assigned work Copyright © 2013 FraudResourceNet™ LLC
  5. 5. Fraud: The Big Picture According to major accounting firms, professional fraud examiners and law enforcement:  Fraud jumps significantly during tough economic times  Business losses due to fraud increased 20% in last 12 months, from $1.4 million to $1.7 million per billion dollars of sales. (Kroll 2010/2011 Global Fraud Report)  Average cost to for each incident of fraud is $160,000 (ACFE) Of Financial Statement fraud: $2 million  Approx. 60% of corporate fraud committed by insiders (PwC)  Approx. 50% of employees who commit fraud have been with their employers for over 5 years (ACFE) Copyright © 2013 FraudResourceNet™ LLC Check & ACH Fraud Facts  Checks continue to be the dominant payment form targeted by fraudsters  85 percent of companies surveyed reported that checks were targeted  The typical loss associated with payment fraud is $19,200  Most organizations do not automatically change out affected bank accounts associated with payments fraud  Seventy-four percent of organizations maintain separate accounts for different payment methods and types Source: 2012 AFP Payments Fraud and Control Survey Copyright © 2013 FraudResourceNet™ LLC
  6. 6. Check & ACH Fraud Facts  Electronic check conversion services continue to experience a very low incidence of fraud (2%), making this service a good choice in helping minimize instances of check fraud.  17% of organizations that were targets of ACH fraud during 2011 suffered a financial loss as a result of such fraud  Positive pay, ACH filters and daily reconciliations are among the methods used to identify exception items that may include fraudulent transactions as well as errors and other rejects due to administrative issues Source: 2012 AFP Payments Fraud and Control Survey Copyright © 2013 FraudResourceNet™ LLC Check & ACH Fraud Facts  The most common reasons victim organizations are financially responsible for the losses sustained from ACH fraud include:  Not reconciling accounts on a timely basis  Not using ACH debit blocks or ACH debit filters  ACH return not being timely  Not using ACH positive pay Source: 2012 AFP Payments Fraud and Control Survey Copyright © 2013 FraudResourceNet™ LLC
  7. 7. Polling Question 1 The majority of organizations targeted by ACH fraudsters suffer a financial loss. A. True B. False Copyright © 2013 FraudResourceNet™ LLC Main Types of Check Fraud  Alterations – Chemicals remove or alter the original information inscribed on a check (for example, the payee, the amount etc).  Counterfeit – Check was never issued by the organization, it is a copy (the quality can vary significantly). Check is negotiated and ultimately debited against the organization’s account Copyright © 2013 FraudResourceNet™ LLC
  8. 8. Main Types of Check Fraud (cont)  Forged Endorsements / Signatures – Checks are stolen and then endorsed by someone other than the payee that the organization intended to receive the funds. An employee can also steal blank checks and forge official signature  Closed account fraud – Checks written against accounts that are closed and contain no funds Copyright © 2013 FraudResourceNet™ LLC Main Types of Check Fraud (cont)  Kiting - Kiting of funds involves writing checks against deposits that have not cleared. Money appears in two accounts - temporarily  Account takeover – Cyber-fraudster typically steals banking credentials by planting “malware” on target user’s computer. Almost immediately, wires, ACHs and occasionally checks are created. Once the money leaves the account it is laundered through a series of transactions making recovery of the funds all but impossible. Copyright © 2013 FraudResourceNet™ LLC
  9. 9. Check Fraud Red Flags  Checks are presented out-of-sequence  Bank’s fraud department routinely calls to verify check fraud suspects  Vendors complain about missing check payments  Canceled check endorsements are illegible or inconsistent  Payees appear to have been altered or do not appear to be business-related Copyright © 2013 FraudResourceNet™ LLC Check Fraud Red Flags  Check contains misspellings, typos, and grammatical errors, or doesn't have a watermark.  Routing transit number (RTN) or ABA number at bottom of the check doesn't accurately include the two sets of numbers on the upper right corner next to the check number. (The RTN or ABA number is the nine-digit code on the bottom of the check).  First three numbers indicate the state and district office of the issuer. These numbers don't coincide on altered checks. Copyright © 2013 FraudResourceNet™ LLC
  10. 10. Case Study #1  Kathleen Prince, the former bookkeeper / accountant for the Inner Circle Foster Family Agency received a sentence of 41 months for taking $708,924 from her employer for her personal use.  Prince made checks payable to herself as well as her creditors. She used the funds to pay her personal credit card bills, cell phone bills, and her mortgage. She also used to proceeds from the fraud to pay for a vacation to Hawaii.  To conceal the fraud from the board of directors, Prince altered the agency's accounting records and misrepresented the organization's health to board of directors. Copyright © 2013 FraudResourceNet™ LLC Case Study #1 – Lessons Learned  Check fraud is prevalent in all types of organizations. Charitable organizations are particularly vulnerable as they are unable, or unwilling to invest in additional controls or oversight to prevent it.  If board of directors allows a bookkeeper to control multiple elements of payment process, recording and reconciliation process, the probability that fraud will take place rises dramatically. Copyright © 2013 FraudResourceNet™ LLC
  11. 11. Polling Question 2 Writing checks against deposits that have not cleared is a definition of A. B. C. D. Check alterations Closed account fraud Kiting Account takeover E. Copyright © 2013 FraudResourceNet™ LLC Case Study #2  Karen Febles, a former a New York bank employee was charged with stealing $1.8 million from a retired employee of the bank while tasked with managing his personal and professional finances. Between 2007 and 2011, Febles allegedly altered checks for higher amounts that had previously been signed by the account holder  Febles purchased a Range Rover with $52,720 in cash, a Mercedes-Benz with $34,650 in cash, spent approximately $45,000 on vacation cruises, more than $100,000 on real estate, more than $20,000 on other car payments and more than $20,000 on personal expenses Continued … Copyright © 2013 FraudResourceNet™ LLC
  12. 12. Case Study #2 – Prevention Lessons  In addition to monitoring employee activities, all organizations should have software in place that monitors customer as well as employee account activity. Employees often mistakenly believe that they can use their personal bank accounts to conduct fraud unobserved.  Febles spent considerable funds on cars, vacations and real estate. It is possible that a fellow employee may have suspected that Febles was committing fraud. Key: If you have not done so already, deploy an anonymous hotline that employees can use to report concerns regarding employees, vendors and customers.  Failure to implement Segregation of Duties can be costly Copyright © 2013 FraudResourceNet™ LLC Polling Question 3 Choose all of the following that could be red flags of check fraud: A. Vendors complain about missing check payments B. Canceled check endorsements are illegible or inconsistent C. Payee name contains a typo D. Payees appear to have been altered or do not appear to be business-related A. Copyright © 2013 FraudResourceNet™ LLC
  13. 13. How ACH Fraud Occurs  Very easily!  Need two pieces of data – routing number and bank account number = Corporate account ID theft  Transaction is initiated by fraudster via an Originating Depository Financial Institution (ODFI)  ODFI “batches” transactions and delivered via a clearing house to Receiving Depository Financial Institution  RDFI posts transactions customer accounts  Account holder is unaware of transaction until ACH debit appears in account Copyright © 2013 FraudResourceNet™ LLC ACH Fraud Red Flags  Accounts are experiencing a significant increase in ACH debits (payroll accounts are especially vulnerable)  Unexplained ACH debits for small amounts from unknown vendors  Bank’s fraud department calls to confirm ACH debits  Accounting personnel are unable to reconcile all debit activity in organization accounts Copyright © 2013 FraudResourceNet™ LLC
  14. 14. ACH Fraud Notification  Consumers have 60 days to notify their bank. Corporate accounts have 2 days! Important: It is crucial that all accounts are reconciled on a daily basis  Banks routinely deny return requests outside of the 2 day window  Banks will enter litigation to defend their decision Copyright © 2013 FraudResourceNet™ LLC Case Study #3 – ACH Fraud  Mary Harris, a former treasury analyst for Central Parking Corporation, pleaded guilty to her role in an $1.9 million embezzlement.  Harris admitted that in her position she had access to organization bank accounts and the Automated Clearing House (“ACH”) system. Harris processed approximately 200 ACH transactions that deposited funds in her own bank account or the bank accounts of her relatives.  Harris concealed the fraud by making accounting entries in Central Parking’s accounting ledger and creating false emails to support the entries. Copyright © 2013 FraudResourceNet™ LLC
  15. 15. Case Study #3 – Lesson Learned  A fraudster only needs two pieces of data - your bank’s routing number and the account number  Payroll accounts are often the destination for fraudulent ACH transactions as the routing number and account number is widely circulated  If your organization’s bank accounts see a significant increase in ACH debits, fraudsters may be testing your ability to detect fraudulent transactions before unleashing a number of debits Copyright © 2013 FraudResourceNet™ LLC Case Study #3 – Prevention Lessons  Don’t ignore calls from your bank’s fraud department. They have considerable “behind the scenes” information regarding what a fraudulent ACH debit looks like  If you cannot reconcile all debit activity in your organization’s accounts, look for reasons for the unreconciled amounts Copyright © 2013 FraudResourceNet™ LLC
  16. 16. Case Study #3 – Prevention Lessons (continued)  Companies only have 2 days to notify their bank of a fraudulent ACH. Notify them immediately once detected  Given the short time period within which your organization is required to notify the bank, all accounts should be reconciled on a daily basis. Failure to do so will in automatic denial of any fraud claims made  Banks will often pursue litigation to defend their decision to deny the fraud claim Copyright © 2013 FraudResourceNet™ LLC Case Study #3 – Prevention Lessons (continued)  Since employees most often unwittingly provide fraudsters with the information they need to commit ACH fraud (bank account number & routing number), educate your employees on the dangers of ACH fraud. Helpful: Your bank will likely be able to provide examples of fraudulent phishing emails that criminals have used in the past  Pay attention to ACH fraud cases in the news. Consider whether a similar fraud could take place at your organization?  Designate one computer for all online banking transactions including ACH and wire Copyright © 2013 FraudResourceNet™ LLC
  17. 17. Case Study #3 – Prevention Lessons (continued)  Ensure that all of your organization’s computers have robust anti-virus software installed that is kept up to date automatically (no manual intervention to accept update)  Task your organization’s IT department with conducting frequent reviews of the computer designated for online banking to ensure that it remains virus free  To avoid complacency as well as the threat of employee fraud, rotate responsibility for ACH transactions every 6 months Copyright © 2013 FraudResourceNet™ LLC Polling Question 4 Commercial accounts have ______ days to inform the bank of an ACH fraud A. B. C. D. 60 30 2 10 E. Copyright © 2013 FraudResourceNet™ LLC
  18. 18. Check & ACH Anti-Fraud Tools  Positive pay and reverse positive pay  Positive pay - Bank will only pay Checks & ACHs that you provide  Reverse positive pay – Bank sends list of Checks & ACHs presented. Your staff reviews payment register to accept or reject  Check & ACH blocks – nothing can be debited  Check & ACH filters – select list of ACH debits allowed (approved companies)  Signature verification – check signatures are reviewed by bank (A service you must pay for to have specific checks reviewed prior to payment).  Dual control for online transactions – two levels of approval  Account alerts – flags unusual transactions Copyright © 2013 FraudResourceNet™ LLC Fraud Prevention – Bank Perspective  Bank must authenticate user as being authorized to access account and initiate transactions  The customer must act in an abnormal manner to be flagged  Transactions that are initiated are consistent with previous transactions, or companies of a similar size  Bank must do all of this while facilitating business for entire customer base  The bank and the corporate customer must work together  What tools does your bank have to detect Check & ACH fraud?  How will they notify you of suspected fraud?  Has your bank “missed” Check & ACH fraud in the past? Relying exclusively on your bank to prevent Check & ACH fraud will result in fraud Copyright © 2013 FraudResourceNet™ LLC
  19. 19. Case Study #4 – ACH Fraud  Patricia K. Smith, former controller for Baierl Acura, pleaded guilty to taking $10.2 million from the dealership over a 7 year period. Smith moved money from dealership's business accounts to her personal account using over 800 Automated Clearing Housing (ACH) transfers. Smith used the proceeds to fund:     $1.8 million billed to American Express for private jet charters $44,500 Super Bowl XLV $32,500 for a luncheon for six people prepared by Ina Garten $5,000 for "The Vatican Package," which included Mass in Papal Audience  $2,500 for a Phantom of the Opera experience, including costume fitting, wig fitting, an escort onstage during the Hannibal Opera sequence, and four seats for the performance. Copyright © 2013 FraudResourceNet™ LLC Case Study #4 – Prevention Lessons (continued)  A bookkeeper or controller should never be trusted without verification place in to ensure that they are performing their job. Their work should periodically be reviewed by their manager on at least a monthly basis. From time to time, consider engaging a CPA to conduct a review or audit of their work.  Assuming that your organization's bank will detect and prevent embezzlement is a risky assumption. In the bank's defense, since Smith was an authorized user of the ACH system, it is difficult for the bank to uncover unusual activity in a sea of regular business transactions. Copyright © 2013 FraudResourceNet™ LLC
  20. 20. Check & ACH Fraud Prevention Wrap-Up  Educate employees on ACH & Check fraud  Reverse engineer Check and ACH fraud in the news  Provide examples of fraudulent emails used to capture login information - What to look for in a fake website  Consider designating one computer for online banking  Robust anti-virus software that is up to date  Frequent reviews of computer to ensure virus free  Meet with your bank to understand Check & ACH fraud detection and prevention capabilities Copyright © 2013 FraudResourceNet™ LLC Check & ACH Fraud Prevention Wrap Up  Implement robust controls regarding the ordering, receipt and storage of check stock  Perform timely bank account reconciliations  Mail all checks as soon as they are signed  Enhance the “perception of detection” Copyright © 2013 FraudResourceNet™ LLC
  21. 21. Check & ACH Fraud Prevention Wrap Up  Segregate duties so that more than one employee is involved in the issuance, recording and reconciliation of payments  Deploy an anonymous employee hotline  Don’t rely upon your bank to uncover embezzlement  Rotate employees involved in the payment process frequently  Mandate that employees use their allotted vacation Copyright © 2013 FraudResourceNet™ LLC Polling Question 5 Choose all the following are effective prevention measures against check and ACH fraud… A. Implement robust controls regarding the ordering, receipt and storage of check stock B. Perform timely bank account reconciliations C. Mail all checks as soon as they are signed D. Enhance the “perception of detection” Copyright © 2013 FraudResourceNet™ LLC
  22. 22. Questions?  Any Questions? Don’t be Shy! Copyright © 2013 FraudResourceNet™ LLC Thank You! Website: Jim Kaplan FraudResourceNet™ 800-385-1625 Peter Goldmann FraudResourceNet™ 800-440-2261 Paul McCormack CFE Copyright © 2013 FraudResourceNet™ LLC