The Evolution of Check FraudRemote Deposit, Imaging Open New Doors to Fraudsters
According to the new Faces of Fraud Survey, check fraud is one of the top three fraud forms plaguing banking institutions, joining the likes of phishing and vishing, and payment card fraud. Sixty-three percent of survey respondents say they experienced check fraud in 2010. Yet only 34 percent of banks and credit unions say they are well equipped to fight these crimes.
"Check fraud is so prevalent because it's easy," says Steve Kenneally, vice president of the Center for Regulatory Compliance within the Financial Policy and Regulatory Affairs division of the American Bankers Association. "This is low-tech crime, and a lot of fraud prevention in this area is focused on training frontline tellers to ask questions. ... When human interaction is involved, the human analysis is your best line of defense."
2011 TrendsThough a bit surprised by the survey's findings, Kenneally says fraud prevention investments are likely going elsewhere. "They may be allocating their fraud-detection resources across more than one channel, like ACH," he says. "But I don't think that they are ignoring check fraud."
Avivah Litan, vice president and distinguished analyst at Gartner Research, says institutions are expected to invest more heavily in measures to cut fraud in 2011, but a focus on check fraud is likely not the biggest allocation.
"There is much more demand for enterprise fraud management than there ever has been," she says. "I also think the banks want to cut down on the number of the vendors they work with, so they want to consolidate their fraud operations. I'm sure they want the budget to invest in more, but they just can't get the budget."
Thirty-four percent of survey respondents say they will increase budgetary investments and/or personnel to improve fraud prevention in 2011. Kenneally says more monetary investments will go to ACH. "ACH is growing about 9 percent per year, according to transaction volume from 2006 to 2009, and checks have dropped about 7 percent a year," he says. "You will definitely see banks concentrating their IT investments, their capital investments in payment channels that are growing."
Besides, Kenneally says, between 2011 and 2013, banks and credit unions are expected to dramatically reduce check volumes by moving check-reliant consumers over to electronic payment methods. That will include migrating federal-benefit recipients from paper checks to direct deposits and prepaid cards. "This isn't like the Treasury initiative from 10 years ago, where you could opt out and say, 'Oh, I want to keep receiving a paper check.' Nope, the time has come. This is for real. Everyone is going to be migrated over to an EFT payment."
That means 12 million U.S. consumers will no longer receive paper checks after 2013 for payments from the government.
"I think we're going to be seeing check fraud decrease roughly at the same pace as check volume decreases," Kenneally says. "But with the increased volume going across the (ACH) network and the increased attention it is going to get, it tells us that we need to remain vigilant in protecting our ACH networks."
The Imaged Check and FraudAs fraud opportunities in the paper check realm disappear, fraudsters will find new ways to manipulate other payment forms, such as check images. The industry has already tasted a flavor of this, when over the past summer overseas hackers broke into an unencrypted online database of check images housed by a third party. With information collected from the images, the fraudsters were able to create counterfeit checks.
"As we move into the imaged environment, more will emerge," Kenneally says. "You could have more fraud in the remote deposit area, where you have merchants making deposits remotely and consumers making check deposits from home with scanners. ... Banks have to have safeguards in place to detect when a check has been imaged and deposited twice."
Matthew Speare, who oversees security for Buffalo, N.Y.-based M & T Bank Corp., says check fraud translates to high-dollar losses banks. As more check payments and deposits move to images, financial institutions of all sizes must ensure that they keep apace with fraud trends. "Imaging could pose more problems because it takes the human-detection element out of the equation," he says.
That element highlights the need for more channel integration and cross-channel management, say fraud experts such as George Tubin of TowerGroup say. "[Cross-channel fraud] is basically a fraud that occurs when a criminal or fraudster uses resources from the institution across different channels or payment types," he says. "Recognizing that a bank typically works in a very siloed technology environment, where information across the channels isn't necessarily shared, they then use that information and insight from the institution and commit fraud."
Checks and ACH could be connected fraud pieces, Tubin says. When all of the channels and payment methods are brought into the fold, institutions will do a better job of fighting fraud across the board. "Institutions are continuing to see sort of the end result of the fraud, whether it is a credit-card fraud, debit-card fraud, an ACH fraud, whatever it might be," he says. "They simply stop there and classify it as a fraud that occurred that way, rather than working their way back to really understand the trail."
Steps banking institutions should take to curb check fraud in 2011:
- Continue training front-line employees such as tellers about clues to watch look for regarding counterfeit checks;
- Ensure systems or manual reviews check for multiple deposits of check images;
- Make sure detection software at imaging ATMs rejects or holds suspicious checks;
- Dedicate resources to cross-channel fraud detection, to ensure check fraud is part of the overall fraud picture;
- Enlist or appoint a team within the institution that is dedicated to reviewing fraud-detection and deterrence processes on a regular basis, giving the team the ability to react to emerging fraud trends;
- Do not needlessly store paper checks for backup;
- Ensure that online storage facilities for check images are encrypted, especially when working with a third-party vendor.