Current Trends in Fraud Prevention


Published on

bbcon 2013

Published in: Economy & Finance, Business
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Current Trends in Fraud Prevention

  1. 1. 9/29/2013 #bbcon Current Trends in Fraud Prevention 1 Current Trends in Fraud Prevention PRESENTED BY MELANIE MORTON
  2. 2. 9/29/2013 #bbcon Current Trends in Fraud Prevention 2 • Title: Manager of Blackbaud Forms • My educational background is in philosophy. I’ve worked as an academic, a Wall Street research analyst, and a help desk manager. • Hobbies: Anything artistic. I love making things –bookbinding, limestone sculpture, really good bread, or quilts. My ideal vacation is a cross-country bike trip. • Contact me: MELANIE MORTON Download this presentation with the bbcon mobile app or from the post-conference landing page at
  3. 3. 9/29/2013 #bbcon Current Trends in Fraud Prevention 3 • Background • Types of Payments Fraud • The Fraud Prevention Matrix • Procedural Controls • Your Bank’s Requirements • Other Fraud Prevention Tools • Recommendations • Further Reading AGENDA
  4. 4. 9/29/2013 #bbcon Current Trends in Fraud Prevention 4 This talk focuses on how to manage vulnerabilities and liabilities to common forms of payment fraud Primary sources:  2012 Payments Fraud Survey by The Federal Reserve Board of Minneapolis. 246 respondents in the upper Midwest, including 92% financial institutions  2012 Report to the Nations on Occupational Fraud and Abuse by the Association of Certified Fraud Examiners (ACFE)  2013 AFP Payments Fraud and Control Survey, March 2013, Association for Finance Professionals. Survey had 625 respondents representing corporate practitioner members and non-members of AFP with the following job titles: cash managers, analysts and directors. BACKGROUND
  5. 5. 9/29/2013 #bbcon Current Trends in Fraud Prevention 5  90% of respondents to the Federal Reserve Board’s latest survey suffered dollar losses due to payments fraud  For non-FI respondents, check fraud accounted for 78% of their dollar losses  In the AFP survey, checks accounted for 69% of the cases with financial loss due to fraud  The median loss to an incident of payments fraud was $20,300 FRAUD IS WIDESPREAD
  6. 6. 9/29/2013 #bbcon Current Trends in Fraud Prevention 6 Industry check-related losses amounted to an estimated $893 million in 2010 -- American Bankers Association This figure doesn’t include losses to account holders, who bear a much higher proportion of the liability for check fraud losses. THE COST OF FRAUD
  7. 7. 9/29/2013 #bbcon Current Trends in Fraud Prevention 7 “One of the simplest and most prevalent ways to commit a financial crime, to steal money, is to commit some form of check fraud.” “While we may never know the full costs of check fraud across the financial industry, some of the available information shows impacts that are staggering.” James H. Freis, Jr., Director, Financial Crimes Enforcement Network U.S. Department of the Treasury SIMPLE, PREVALENT, & STAGGERING
  8. 8. 9/29/2013 #bbcon Current Trends in Fraud Prevention 8 Credit and Debit Card Fraud ACH, Wire Transfer & Corporate Account Takeover (CAT) Fraud Check Fraud The ACFE estimates most fraud takes 18 months to uncover. Timely review is essential! TYPES OF PAYMENT FRAUD
  9. 9. 9/29/2013 #bbcon Current Trends in Fraud Prevention 9 • Forged signatures or endorsements • Altered checks – amounts, payee, MICR (to slow down clearing process) • Counterfeiting – fabricating or duplicating • Holder in Due Course (HDIC) claims CHECK FRAUD
  10. 10. 9/29/2013 #bbcon Current Trends in Fraud Prevention 10 Holder in Due Course (HDIC) claims are a powerful part of the Uniform Commercial Code which privileges the needs of the banking system over consumer protections. These claims create a special area of check fraud vulnerability for account holders. A Holder in Due Course is anyone who accepts a check for payment. This is usually a bank, but it can also be a merchant or check cashing business. If they cash a check in good faith that is not suspiciously irregular, then they are entitled to be paid, even if it later turns out that the check is fraudulent. • HDIC claims are superior to all other contracts, including stop payments and Positive Pay • HDIC rights can be sold PRIVILEGED FRAUD: CHECKS & HDIC CLAIMS
  11. 11. 9/29/2013 #bbcon Current Trends in Fraud Prevention 11 Robert Triffin buys “dishonored checks” and uses HDIC claims to sue for payment. Here are three cases tried in the Superior Court of New Jersey. HDIC beats Stop Payments Triffin v. Cigna Insurance Company A check issued by Cigna was falsely claimed to be lost. Cigna issued a stop payment and provided a new check. The first check was then cashed at Sun’s Market, who presented it for payment through its bank. Cigna’s bank dishonored the check. Mr. Triffin acquired the check and filed an HDIC claim more than two years after the check was dishonored. The court ruled in favor of Mr. Triffin. Fraud prevention: • Print expiration on the front of the check and don’t issue replacement checks until after the original has expired HDIC CLAIMS IN ACTION
  12. 12. 9/29/2013 #bbcon Current Trends in Fraud Prevention 12 Plausible Fraudulent Checks are Valid Triffin v. Somerset Valley Bank Mr. Triffin bought $9K worth of counterfeit, forged checks returned to a check cashing business marked “Stolen check – Do Not Present Again.” The payroll checks in question matched both the stock and the signature stamp used by the account holder. Despite the fact that they were unauthorized, the fraudulent check documents were deemed to be valid “negotiable instruments.” The Court reasoned that in order to preclude liability from a holder in due course claim, “it must be apparent on the face of the instrument that it is fraudulent.” The court ruled in favor of Mr. Triffin. SCARIER HDIC CLAIMS IN ACTION
  13. 13. 9/29/2013 #bbcon Current Trends in Fraud Prevention 13 High Security Checks Can Beat HDIC Claims Triffin v. Pomerantz Staffing Services, LLC Pomerantz Staffing used high security checks with a warning banner on the front that stated “This Check Has Heat Sensitive Ink to Confirm Authenticity.” Someone made copies and cashed 18 checks worth $7,000 at Friendly Check Cashing. Pomerantz’s bank returned the checks unpaid. Mr. Triffin bought the checks and claimed HDIC status. Since Friendly had the means to determine authenticity, the court ruled against Mr. Triffin. Fraud prevention: • Use preprinted, high security check stock with features that verify authenticity to limit HDIC claims DEFENDING AGAINST HDIC CLAIMS
  14. 14. 9/29/2013 #bbcon Current Trends in Fraud Prevention 14 THE FRAUD PREVENTION MATRIX
  15. 15. 9/29/2013 #bbcon Current Trends in Fraud Prevention 15 The best defense involves a combination of tactics • Procedural controls • Check fraud prevention • Transaction screening • Fraud protection services THE FRAUD PREVENTION MATRIX
  16. 16. 9/29/2013 #bbcon Current Trends in Fraud Prevention 16  Reconcile both bank and card-related accounts daily  Segregate accounts by payment type and purpose to easier identify exceptions & enable use of transaction filters & blocks  Report potential fraud occurrences to your bank in a timely manner  Offer Employee Support with documented procedures & training  Enforce security procedures with  Authentication/authorization controls in payment process such as strong passwords & security token or key fob that generates one- time-use passwords  Physical access controls to payment processing PROCEDURAL CONTROLS 1
  17. 17. 9/29/2013 #bbcon Current Trends in Fraud Prevention 17  Enforce security procedures (cont’d)  Logical access controls to network and payment apps  Dedicated computer for financial institution transactions or restrictions on staff use of Internet on your network  Transaction limits for payment disbursements & corporate card purchases  Separate duties in payment process (submitting bills, approvals, signing checks, and reconciliation)  Internal and external audits  Employee hotline to report potential fraud Organizations with some form of hotline in place saw a much higher likelihood that fraud would be detected by a tip (51%) than organizations without such a hotline (35%).” - ACFE PROCEDURAL CONTROLS 2
  18. 18. 9/29/2013 #bbcon Current Trends in Fraud Prevention 18  Maintain authorized signers documentation with your bank  For checks:  Don’t leave blank spaces in the payment or payee areas  Print expiration on front of check  Keep secure – lock up check stock & signature stamps  Use Stop Payments & close the bank account if you discover a check with a fraudulent payable amount  Report stolen checks to check verification companies such as Telecheck and Certegy, so other businesses will refuse the stolen checks The most commonly used techniques are not necessarily the most effective PROCEDURAL CONTROLS 3
  19. 19. 9/29/2013 #bbcon Current Trends in Fraud Prevention 19 Small organizations  Had far fewer anti-fraud controls  Were victimized by fraud more frequently  Suffered disproportionately large median loss of $147,000 FRAUD IN SMALLER ORGANIZATIONS
  20. 20. 9/29/2013 #bbcon Current Trends in Fraud Prevention 20 The most effective general controls are:  Planned and surprise internal audits  Employee support programs  Hotlines These three were correlated with the greatest decreases in financial losses Organizations lacking these controls experienced median fraud losses approximately 45% larger than organizations with the controls in place BEST CONTROLS
  21. 21. 9/29/2013 #bbcon Current Trends in Fraud Prevention 21 • External audits of financial statements — the most commonly implemented control among the victim organizations in the ACFE study — showed the least impact • Nothing When asked to describe which weakness had led to the fraud occurrences at victim organizations, “an outright lack of controls” was the most frequently cited factor WORST CONTROLS
  22. 22. 9/29/2013 #bbcon Current Trends in Fraud Prevention 22 YOUR BANK’S REQUIREMENTS
  23. 23. 9/29/2013 #bbcon Current Trends in Fraud Prevention 23 Ordinary Care is a legal term that means the requirement to act with the same watchfulness, attention, caution and prudence as a reasonable person in the same circumstances. Failure to meet this standard constitutes negligence. Your bank legally gets to define ordinary care as it pertains to your company and their security standards. • Learn how your bank defines your firm’s responsibilities to prevent fraud • Be aware of the liability arrangements spelled out in your banking agreement • Review periodically for changes YOUR BANK DEFINES “ORDINARY CARE”
  24. 24. 9/29/2013 #bbcon Current Trends in Fraud Prevention 24 FRAUD PREVENTION TOOLS
  25. 25. 9/29/2013 #bbcon Current Trends in Fraud Prevention 25 The Best Defense Is A Great Defense FIGHT CHECK FRAUD
  26. 26. 9/29/2013 #bbcon Current Trends in Fraud Prevention 26 High security checks are better than regular checks because they are more resistant to tampering and they make evidence of tampering more apparent. They present more difficult and numerous technical challenges to the criminal. Because of this, high security checks are your first line of defense against check fraud. Added benefits: • A strong defense means fewer challenges • Protect from some HDIC claims when they include authentication features that survive duplication • Demonstrate “Ordinary Care” HIGH SECURITY CHECKS
  27. 27. 9/29/2013 #bbcon Current Trends in Fraud Prevention 27 When we made the decision to offer High Security checks, we selected the paper supplier who offered the fullest number and range of robust security features. While our competitors typically offer only 10 to 16 security features, Blackbaud Forms offers much more.  Guardian Plus checks have 28 security features including Controlled Paper Stock, Foil Hologram, Thermochromic Ink, True Watermark and other state‐of‐the‐art security measures. This check is extremely difficult to replicate or alter without leaving evidence. The holographic foil provides 3 different security features and is extremely difficult to scan or copy – proving authenticity that should survive the slackest check cashing clerk.  Guardian checks have 25 security features, which include everything but the holographic foil used for our Guardian Plus checks NOT ALL HIGH SECURITY CHECKS ARE THE SAME
  28. 28. 9/29/2013 #bbcon Current Trends in Fraud Prevention 28 “Positive pay, ACH filters and daily reconciliations are among the best methods to identify exception items that may include fraudulent transactions or errors.” -- AFP Highly recommended and often required by your bank, these services are your most powerful fraud prevention tool. But there are criticisms: • 15% of the AFP survey respondents say that managing the payments exceptions is time-consuming, as well as costly to research and to resolve • Execution errors can cause the bank to reject valid checks or clear check meant to be rejected • Not bulletproof: HDIC claims take precedence over Positive Pay • Can miss scams where additional payee names are added above or next to the original name • Since banks sell these services, some complain they are paying the bank to reduce the bank’s own liability TRANSACTION SCREENING SERVICES
  29. 29. 9/29/2013 #bbcon Current Trends in Fraud Prevention 29 Positive Pay & ACH Positive Pay - This bank service compares check numbers (or transaction ids) and amounts without regard to payee against check run reports supplied by you. If discrepancies exist, you are notified so you can authorize or reject the payment. Payee Verification/Payee Positive Pay - An enhancement to traditional Positive Pay & ACH Positive Pay– this add-on service reports payee name exceptions Reverse Positive Pay - A pared down version of Positive Pay, the account holder reviews the list of checks presented for payment to self-identify discrepancies Post No Checks - prevents check debits from selected accounts dedicated to electronic payments or depository ACH Blocks - prevent all ACH credit and/or debit activity from posting to an account and returns all those transactions to the originating bank ACH Debit Filter - allows only authorized ACH transactions TYPES OF TRANSACTION SCREENING SERVICES
  30. 30. 9/29/2013 #bbcon Current Trends in Fraud Prevention 30 Thanks to HDIC claims and scams that manage to defeat transaction screening, some vulnerability remains. Fraud protection services have emerged recently to fill this gap or provide an alternative to the other prevention tools. The value, scope & costs of these different plans vary widely. If fraud gets through your defenses, you need expert help to deal with it effectively. We like FraudArmor’s protection service for the scope & value of services they provide. They work on your behalf to aggressively defend your interests. FraudArmor protection provides a remediation and recovery service for financial and non-financial fraud affecting your checks and associated accounts, as well as monitoring for identity theft, and more. • Sold with a specific run of checks • Provides coverage for 12 months from shipment date • Costs 3¢ per check • Not a form of insurance - FraudArmor does not reimburse for fraud FRAUD PROTECTION SERVICES
  31. 31. 9/29/2013 #bbcon Current Trends in Fraud Prevention 31 FraudArmor responds to different types of fraud • Forged, altered or counterfeit checks • Credit or debit card fraud • ACH fraud • All other identity theft, including financial and non-financial fraud such as employment fraud, medical fraud, Internet fraud, etc. FraudArmor service includes: • A number of professional services to assist in recovering from identity fraud, including making claims to financial institutions and other entities for reimbursement of funds lost due to fraud • Free replacement checks • FraudArmor logo printed on check for deterrence and to signify eligibility HOW IT WORKS
  32. 32. 9/29/2013 #bbcon Current Trends in Fraud Prevention 32 FraudArmor specialists are the most highly credentialed in the industry. They have: • FCRA/FACTA – Fair Credit Reporting Act /Fair and Accurate Credit Transactions Act Certified allows them to work directly with credit bureau data • CITRMS – Certified Identity Theft Risk Management Specialist by the Institute of Consumer Financial Education • Licensed Private Investigators – Equips the Fraud Specialist to better spot clues that may lead to the identification and arrest of the perpetrator. The Fraud Specialist also maintains a detailed case file which helps with the prosecution of the perpetrators. • Members of AMCRIN’s CrimeDex – Provides access to a national database of criminal information, including identity theft rings and scams, which is shared and regularly updated among law enforcement • Crisis Counseling Trained • Limited Power of Attorney – Work with for the victim, utilizing a LPOA, to do most of the legwork for the victim SPECIALIST CREDENTIALS
  33. 33. 9/29/2013 #bbcon Current Trends in Fraud Prevention 33 BEST PRACTICES
  34. 34. 9/29/2013 #bbcon Current Trends in Fraud Prevention 34 • Implement strong internal controls which incorporate your bank’s requirements • Use high security check stock • Limit risk with an appropriate mix of transaction screening services • Manage fraud claims effectively with FraudArmor FRAUD PREVENTION BEST PRACTICES
  35. 35. 9/29/2013 #bbcon Current Trends in Fraud Prevention 41 Download this presentation through the bbcon 2013 mobile app or visit to download from the post-conference landing page • Contact me: THANK YOU!