The Bulletin ACH Fraud Mobile Fraud Corporate Small Business Fraud Check Fraud Scams Cyber Crime

Inside this Issue

1 Check Fraud – It’s Still #1
2 The Mobilization of Fraud
3 Cyber Crime Prevention
4 Check Fraud Prevention – Best Practices
6 Court Cases: Holder In Due Course • Check Fraud Scams • Positive Pay
8 ACH Fraud – Small But Growing….
9 Positive Pay, ACH, and Check Writing Software
10 Laser Printing and Check Fraud
NEW! 11 Check 21: The Hidden Liability
12 Check Security Features – Why They Matter
NEW! 14 Abagnale SuperBusinessCheck
15 SAFEChecks
16 Abagnale Supercheck
18 Embezzlement: Preventing The “Inside Job”
20 Identity Theft – It Can Happen To You
21 Corporate Identity Theft
NEW! Small Business – Fraud Prevention

Volume 12

Frankly Speaking . . .

Some of the most serious financial crimes in America are check fraud and identity theft. The Nilson Report estimates check fraud losses to be about $20 billion a year. Check fraud is by far the most dominant form of payment fraud and produces the greatest losses. Check fraud gangs are hardworking and creative. They constantly try new techniques to beat the banking system and steal money. Historically, the banks have been liable for these losses. However, changes in the Uniform Commercial Code now share the loss with the depositor.

Furthermore, the Federal Trade Commission reported that nearly 15 million Americans have been victims of identity theft, costing consumers $5 billion and banks and businesses $56 billion every year. Because this crime is so simple to commit, I believe identity theft will become one of the most profitable criminal activities in history.

There are endless opportunities for a criminal to obtain the necessary information to commit identity theft. Let me illustrate just two, beginning with your visit to a doctor. As a new patient, the receptionist asks you to complete a form that asks for your name, address, phone number, and your employer’s name, address and phone, and your health history. They copy your insurance card, which may include your Social Security number. Your co-pay is paid with a check drawn on your account. You have just provided enough information for someone to become you.

Another example. You walk into an upscale department store to make a purchase. You take your selection to the cashier and write a check. On that check is your name, address and home phone number, the name of your bank and its address, and your bank account number. The cashier asks for your driver’s license. The cashier memorizes the birth date on your license, and then asks for your work phone number, which will give them the name and address of your employer. Once again, a thief has sufficient information to apply for credit in your name.

I am 65. As a teenager I did things that today, as a husband and father, an educator and consultant, I am not proud of. But, recounting one youthful experience may be illustrative.

In my youth, when I wanted to establish a new identity (so that I could open a bank account and pass bad checks), I would go to the Department of Vital Records (in any city I was in). I would ask to see the death records for 1948, the year I was born. Every fifth or sixth entry was an infant who had died at birth. I would write down the death information and later apply for a birth certificate in that name. I would fill out a form, pay $10, and obtain a legitimate birth certificate. I would go to the DMV and get a license with my picture, my description, and somebody else’s name. I had 50 legitimate driver’s licenses.

Now, 40 years later, you can buy a CD ROM with birth and death records, and can apply for a new birth certificate by mail. There are Web sites that sell Social Security numbers for $49.95. Their advertisements claim that they can tell you anything about anybody. I researched these companies—all you provide is someone’s name, address and DOB—and they will tell you everything you want to know, including spouse and children’s names.

For the identity theft victim, the nightmare has just begun. On average, it costs a victim $1,173 and 175 man-hours to get their credit report straightened out. Fixing the problem is not as simple as saying “…I did not apply for that loan.” You must prove you did not apply for that loan. To fix things, you must first convince the bank or finance company. Then, you must convince all three credit bureaus. In most cases, the credit bureaus refuse to delete the dispute from your credit files. Instead, they put an asterisk and say, “Customer disputes this Visa charge, claims they were a victim of identity theft.” The result is that anyone accessing your credit report, whether a potential employer or a company considering granting you credit, may question whether you were really a victim or if you were just ripping somebody off.

I am personally concerned about identity theft. A few years ago, I subscribed to a service that notifies me each time my credit report is accessed. Privacy Guard (www.privacyguard.com/frank) provides me with the contact information of any company that obtained my credit report, as well as the means to correct false data. I consider their annual fee money well spent.

This publication was written to help individuals and companies learn how to reduce their risk of check fraud, identity theft and embezzlement. I hope you find it useful. Because there was not space to cover every scam, I have included references to various agencies and organizations with useful products or information. I have written three books, The Art of the Steal, The Real U Guide to Identity Theft and Stealing Your Life, that cover numerous scams and solutions in detail.

For individuals concerned about check fraud, I designed the Supercheck, a high-security personal check with 12 safety features. I also designed the SuperBusinessCheck and SAFEChecks for companies and organizations that want extremely secure checks. See Pages 14 through 17.

Sincerely,

www.abagnale.com
www.supercheck.net

Abagnale Fraud Bulletin, Volume 12
Greg Litster, Robin Johnson - Editors

Check Fraud – It’s Still #1

Check fraud litigation began in 1762 with Price v. Neal, and check fraud has continued unabated for the last 250 years. With 70% of today’s organizations still issuing checks, check fraud will not be going away anytime soon. The AFP Payments Fraud and Control Survey indicates that “checks continue to be the dominant payment form targeted by fraudsters,” with 82% of affected organizations reporting that their checks were targeted.1

Not only are checks the dominant vehicle for committing payment fraud, they are the greatest source of actual losses. Almost 60% of financial losses come from check fraud – more than all other forms of payment fraud combined. All types and sizes of organizations are targeted, and those that are successfully hit once are often targeted repeatedly.

In the latest AFP Survey, 62% said that the most prevalent check fraud method was “counterfeiting by altering the MICR line on the check.” Other types of counterfeit checks used a fake company name. More than half – 52% – of check fraud attempts involved altered payee names, and 37% were altered dollar amounts. This is up from 49% and 25% respectively in 2012. Such alterations may have been prevented by using high security checks. (See Pages 14 – 16.)

There were additional reasons for check fraud losses, all of which were within the organization’s control: in 28% of the cases, Positive Pay or account reconciliation was not timely, and 21% of the time the losses came from internal fraud. Internal fraud was up from 13% in 2012. Another 17% did not use Positive Pay.

Holder in Due Course

In 38% of the check fraud losses, the fraudulent check was cashed by a check-cashing service, initiating a Holder In Due Course claim. This is up from 22% last year, showing a large rise in losses stemming from Holder In Due Course claims. Holder in Due Course (HIDC) is a powerful part of the Uniform Commercial Code which regulates an organization’s liability for check fraud. Under HIDC, a company can be held liable for counterfeit items that look “genuine,” or are virtually identical to its own checks. If a genuine-looking counterfeit check was cashed by the bank, even if the account was on Positive Pay, the issuer can still be held liable. Placing a stop payment on a check does not end the issuer’s liability to pay the check. Holder in Due Course trumps stop payments and Positive Pay. This is the reason to use a controlled check stock, and to have a short expiration date printed on the check. To learn more about Holder In Due Course, see Page 6.

Uniform Commercial Code

The legal basis for liability in check fraud losses is found in the Uniform Commercial Code (UCC). The UCC places responsibility for check fraud losses on both the bank and its customers. Responsibility for check issuers and paying banks falls under the term “ordinary care.” Ordinary care requires account holders to follow “reasonable commercial standards” prevailing in their area and for their industry or business. For example, in the AFP 2014 survey, 81% of all organizations use Positive Pay. A bank can argue that a company not using Positive Pay is not exercising “ordinary care.” See “Cincinnati” on Page 8.

Under Sections 3-403(a) and 4-401(a), a bank can charge items against a customer’s account only if they are “properly payable” and the check is signed with an authorized signature. If a signature is forged, the account holder may still be liable if one of the following exceptions applies:

First, if account holders’ own failures contributed to a forged or altered check, they may be restricted from seeking restitution from the bank.

Second, the concept of “comparative negligence” in Sections 3-406(b) and 4-406(e) can also shift liability from the bank to the account holder. If both the bank and the account holder have failed to exercise ordinary care, a loss may be allocated based upon how each party’s failure contributed to the loss.

Read Bank Contracts

Read your bank contracts and Disclosure Agreements to understand your liability for fraud losses under the UCC. This includes the small print on signature cards and Disclosure Statements. A bank’s intentions must be stated clearly to prevail against a customer in a check fraud case. Banks are re-writing their signature card agreements and adding new provisions to their Disclosure Statements. For a summary of the UCC, visit www.FraudTips.net.

Risk Management

Financial institutions and bank customers face a shared risk from check fraud. Executives must answer “How do we assess our risk? How much financial exposure are we willing to assume? What real and hidden costs will we bear if we become victims of payment fraud? How might our image and reputation be damaged? How much are we willing to spend to reduce this exposure?”

Prevention Is For Everyone

Everyone has a responsibility to help prevent check fraud. Financial institutions still list check fraud as one of their top three threats, and view a lack of customer awareness as one of their biggest challenges in fraud prevention. Given that 70% of today’s organizations still issue checks, financial professionals must use a number of tools and strategies to protect their organizations. The Federal Reserve recently required all banks to educate their customers on how to prevent fraud. Fraud mitigation tools are discussed throughout this Fraud Bulletin, and should be reviewed with your bank.

Frank Abagnale concludes: “Punishment for fraud and recovery of stolen funds are so rare, prevention is the only viable course of action.”

1 Association for Financial Professionals (AFP) 2014 Payments Fraud and Control Survey

© Frank W. Abagnale 2014
Page 1 • Abagnale Fraud Bulletin, Volume 12

The Mobilization Of Fraud

Mobile fraud is “the new kid on the block,” and it is skyrocketing. Malicious activity on the mobile platform is growing much more quickly than it did on the PC platform, and many industry experts believe that mobile threats will eventually surpass PC threats. Many of the attacks stem from applications that are innocently downloaded onto mobile devices. The total number of malicious apps grew 614% last year.

The vast majority of mobile malware is aimed at the Android platform. In the third quarter of 2013, McAfee Labs found over 17,000 new strains of malware targeting Android devices. These include several strains of mobile malware that can capture a bank customer’s user name and password, and can intercept text messages the bank sends to its customer for authentication. The malicious parties can then access the account and transfer funds.

Smishing is another new mobile fraud strategy, sending unsolicited text messages to capture a victim’s personal data. Once spammers capture the information, they either sell it or use it to commit fraud.

Mobile fraud is not aimed solely at accessing someone’s bank account. Much of the new malware is used for “toll fraud,” tricking victims into calling premium-rate numbers owned by the attackers. Each successful attack can yield $10 in immediate profit to the fraudsters, per call.

A major concern for mobile users is links to malicious Websites. The links may be embedded in emails, attachments, social networks or text messages, and are activated when the victim clicks on the link or visits the site with their mobile device.

On the e-commerce side, mobile transactions are expected to grow by 40 percent to $325 billion in 2014 due to tech advancements and changes in shoppers’ behavior. Criminals are trying to figure out the best approaches to compromise mobile transactions. As far as criminals are concerned, it’s easier and more rewarding to target retailers than individual phones. While tracking mobile fraud is relatively new, over 25% of merchants engage in some sort of mobile fraud awareness and prevention.

Mobile Banking

Over 28% of all mobile phone users have used a mobile banking app in the past 12 months, and 15% have made a mobile payment. Mobile payment growth has been slow because of concerns about security, but its use is steadily increasing. Growth of corporate payments is slow due to invoicing and remittance detail complexities.

Mobile remote check deposit has become one of the most desirable mobile banking applications. Over 80% of banks offer or plan to offer Remote Deposit Capture (RDC) for mobile phones. Fraudsters have largely left mobile RDC alone, perhaps because of low daily deposit limits. However, cases of double-depositing of checks via mobile banking are growing.

Mobile Deposits & Double Debits

The legal basis for depositing a digital image of a check is Check 21. Check 21 has a rule (“Warranty”) that specifically prohibits a check or its image from being presented for payment more than once, and provides a powerful recovery remedy if it occurs.

Example: John Doe receives a check and deposits the check (its electronic image) via his smartphone app. He still possesses the physical check, which he later cashes at a check-cashing store. When the check casher deposits the original physical check and it hits the drawer’s bank account, that second presentment of the check breaches the Warranty that John Doe (the depositor) made when the electronic image was deposited.

The remedy: Under Check 21, the first presentment of the check (via smartphone) can be charged back to the bank of first deposit as a breach of Warranty (due to the second presentment) for up to one year from the date the injured party discovers the loss.

Mobile Deposits & Holder In Due Course

Scenario: John Doe picks up a check made payable to “John Doe” from a business or individual. He walks outside and deposits the check remotely using his smartphone. He then walks back inside and returns the check, asking that it be replaced with a new check made payable to John Doe OR Jane Doe. The issuing person or company reissues a new check payable to John Doe or Jane Doe. They don’t think to place a Stop Payment on the first check because it is in their physical possession. John Doe cashes the second check, and waits overnight for the first check to clear before withdrawing the money from the first check.

Unfortunately, the drawer issuing the check can be held liable for both checks. Reason: The second check was cashed at the bank, and the first check was deposited remotely. While banks often cooperate to stop fraudulent activity, John Doe’s bank is a Holder In Due Course and is under no obligation to return the funds to the issuer.

To prevent this kind of theft, if a check leaves your possession for any length of time and is returned for a replacement, place a Stop Payment on that check. Have the recipient sign an affidavit declaring that the check has not been remotely deposited and accepting liability for all expenses to recover any stolen funds. See “Check 21”, Page 11.

Protect your mobile device from malware by updating to the latest operating system and using mobile security apps. Read reviews of security apps at http://securitywatch.pcmag.com. Be wary of unsolicited app offers, especially if they come to you via a text message. Trustworthy apps will have many users, and will have many user reviews written in correct English. Check your mobile phone bill for unknown or unusual charges. Remember: for mobile fraud prevention, the best defense is to use common sense.

Page 2 • Abagnale Fraud Bulletin, Volume 12

Cyber Crime Protection

Cyber crime is a mature, underground international business with well-organized syndicates attacking companies, municipalities, non-profits, even power grids. These syndicates also sell customized malware and instant hacking tools to novice cyber criminals, allowing them to quickly join the criminal community. Cyber criminals are increasingly more inventive and malicious, and the battle against them will never end. Organizations and individuals must be continually vigilant, and devote time and resources to thwart these attacks.

Malware and hacking are the primary methods used to get inside an organization’s computer system. There are two types of malware – auto-executable code (a “drive-by” download) that can happen merely by visiting an infected website, and code that requires interaction by users, e.g. opening an email attachment or clicking on an imbedded link. Because online threats are so rampant, when developing defensive strategies, assume that your computers used for email and web searches are already infected. However, even if a computer becomes compromised, preventing online intruders from stealing your money is simple.

Preventing Unauthorized Transfers

In four easy steps you can prevent unauthorized online money transfers:

1) Purchase a new computer that is dedicated to online banking only. A basic computer will suffice.
2) Require two different computers and users/passwords to send money out of your account. One or more employees can initiate a wire or ACH transfer using their everyday computers, but require that all initiated transfers be released using the dedicated banking computer. Persons authorized to release the transfers must use different user names and passwords than those used to initiate the transfer.
3) Update your bank’s Electronic Funds Transfer (EFT) agreement to reflect your revised, two-computer initiation-release procedures.
4) Implement all additional controls and technologies your bank recommends. Failure to implement the controls the bank recommends may result in your being liable for any cyber losses.

The justification for using a dedicated computer to release money transfers is best shown by a recent cyber crime case in California.

In 2010, the owner of Village View Escrow in Redondo Beach received an e-mail informing her that a UPS package she had been sent was lost, and urged her to open the attached invoice. When she opened the attached file, nothing happened, so she forwarded it to her assistant who also tried to open it. The alleged “invoice” contained a keystroke logger virus that shortly captured the passwords used on both the owner’s computer and the PC belonging to her assistant, who was the second person needed to approve wire transfers. After the passwords were captured, cyber thieves sent 26 wire transfers totaling $465,000 to 20 individuals around the world. This loss could have been prevented if the company had used a dedicated, “clean” computer to release wires/ACH transfers.

New Twists on Cyber Crime

Describing the many methods criminals are now using to infiltrate computer systems and mobile devices – and how you can block them – is beyond the scope of this Bulletin. However, we have assembled many excellent articles and links that will provide you with this information. Visit www.safechecks.com/articles.

Companies / Organizations

• Perform thorough background checks on new employees. Employees are a company’s greatest vulnerability.
• Consider monitoring all the activities your employees do on company computers, which is completely legal. Some states require that employees be given notice that their keystrokes and searches are being monitored.
• Implement security policies to restrict unauthorized access to sensitive data.
• Require that all sensitive data be encrypted or password protected before transmission. Many software programs do this easily.
• Regularly review and install updated patches for your operating system software.
• Frequently review network log data to identify any unusual or unauthorized events.
• Install software that limits the sites users may access; use caution on unknown Websites.
• Use a network-based Intrusion Prevention System (IPS).
• Educate in-house developers about secure development practices, such as the Security Development Lifecycle.
• When employees leave the company, immediately disconnect all their access to the company’s network and building, shut down remote connections, and collect their cell phones, iPDAs, smartphones, etc. Change any passwords they used.

Individuals / Families

• Use anti-virus and anti-spyware software on your computer, and update frequently.
• Use a properly-configured firewall.
• Add security software to your smartphone, iPad, tablet, etc.
• Do not follow links found in email messages from untrusted sources; they may be links to spoofed Web sites. Manually type the URL.
• Completely close down your Internet browser after doing online banking or shopping.
• Never reply to an email, text, or pop-up message that asks for personal or financial information.
• Never open an email attachment unless you are expecting it or know what it contains.
• Download software only from trusted sites.
• Restrict which applications you install on social networks, cell phones.
• Don’t send sensitive files over a Wi-Fi network unless it is secure. Public “hot spots” are not secure.
• When you are not using Wi-Fi, close down the wireless connection to your laptop.
• Don’t respond to a message asking you to call a phone number to update your account or give your personal information. If you need to reach an organization, look the number up yourself.
• Protect your children from online predators by tracking their keystrokes, emails, MySpace, Facebook, IM, and websites they visit on their computers and cell phones. See Spector Pro, PhoneSheriff, eBlaster, etc.

Resources

2010-2013 Verizon Data Breach Investigations Report
2009-2013 CSI Computer Crime and Security Survey
(2006-2013) Symantec Internet Security Threat Reports
fbi.gov/cyberinvest/protect_online.htm (several articles on website)
PC Magazine (pcmag.com) • CNET Networks (cnet.com)
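
The two-computer initiation-release rule from "Preventing Unauthorized Transfers," replayed against a keystroke-logger scenario like the one in the California case. This is an added example, not software from the Bulletin or from any bank; the host name, user names, amounts and the idea that the portal can tell which computer a request comes from are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed names; a real bank portal defines its own users and device checks.
DEDICATED_HOST = "banking-only-pc"                      # the clean release computer
INITIATE_CREDS = {"owner-daily", "assistant-daily"}     # used on everyday computers
RELEASE_CREDS = {"owner-release", "assistant-release"}  # typed only on DEDICATED_HOST
assert INITIATE_CREDS.isdisjoint(RELEASE_CREDS)         # step 2: never the same logins


@dataclass
class Transfer:
    transfer_id: int
    amount_cents: int
    beneficiary: str
    initiated_by: str
    status: str = "PENDING"
    audit: list = field(default_factory=list)


class TransferDesk:
    """Holds initiated wire/ACH transfers until a valid release arrives."""

    def __init__(self):
        self.transfers = {}

    def initiate(self, user, host, amount_cents, beneficiary):
        if user not in INITIATE_CREDS:
            raise PermissionError(f"{user} may not initiate transfers")
        tid = len(self.transfers) + 1
        transfer = Transfer(tid, amount_cents, beneficiary, user)
        transfer.audit.append(("initiated", user, host))
        self.transfers[tid] = transfer
        return tid

    def release(self, transfer_id, user, host):
        """Return (released, reasons); every attempt lands in the audit trail."""
        transfer = self.transfers[transfer_id]
        reasons = []
        if transfer.status != "PENDING":
            reasons.append("transfer is not pending")
        if host != DEDICATED_HOST:
            reasons.append("not the dedicated banking computer")
        if user not in RELEASE_CREDS:
            reasons.append("not a release credential")
        if reasons:
            transfer.audit.append(("release denied", user, host, tuple(reasons)))
            return False, reasons
        transfer.status = "RELEASED"
        transfer.audit.append(("released", user, host))
        return True, []


def replay_keylogger_case():
    """Constructed scenario: both everyday logins were captured by a keylogger."""
    desk = TransferDesk()
    # The intruder holds only what was typed on the infected everyday PCs.
    bad = desk.initiate("owner-daily", "unknown-host", 1_500_000, "unknown payee")
    attacker_release = desk.release(bad, "assistant-daily", "unknown-host")
    # Normal flow: initiate on an everyday PC, release on the dedicated one.
    good = desk.initiate("assistant-daily", "front-desk-pc", 420_000, "Title Co")
    staff_release = desk.release(good, "owner-release", DEDICATED_HOST)
    second_release = desk.release(good, "owner-release", DEDICATED_HOST)
    return {
        "attacker_release": attacker_release,
        "staff_release": staff_release,
        "second_release": second_release,
        "bad_status": desk.transfers[bad].status,
    }


if __name__ == "__main__":
    for name, outcome in replay_keylogger_case().items():
        print(name, outcome)
```

The denied attempt stays in the transfer's audit list, which is the kind of unusual event the log-review advice above is meant to surface.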

Page 3 • Abagnale Fraud Bulletin, Volume 12

Check Fraud Prevention – Best Practices

No product, program or policy can provide 100% protection against check fraud. However, specific practices can significantly reduce check fraud risk by discouraging a criminal from alteration or replication attempts, and by thwarting his counterfeiting efforts. The following are important recommendations for reducing risk.

High Security Checks

Check fraud prevention begins with high security checks. High security checks are the first line of defense against forgers, and there is substantial evidence that they significantly reduce check fraud attempts: Every loss begins with an attempt–eliminating the attempt eliminates the loss! High security checks also help prevent altered payee names or dollar amounts.

High security checks should contain at least ten (10) safety features. More is better. Pages 14 through 17 show high security checks designed by Frank Abagnale. Many check manufacturers claim their checks are secure because they include a padlock icon. The padlock icon does not mean a check is secure; only three safety features are needed in order to use the icon.

Some legal experts suggest that the failure of a business to use adequate security features to protect its checks constitutes negligence. By using high security checks, a company can legally demonstrate that care has been taken to protect its checks.

Positive Pay

In addition to high security checks, Positive Pay is one of the most effective check fraud prevention tools. It is an automated check-matching service that can detect most bogus checks. It is offered through all major banks and many smaller banks. To use this service, the check issuer transmits to the bank an electronic file containing information about the checks it has issued. Positive Pay compares the account number, the check number, dollar amount and sometimes payee name on checks being presented for payment against the previously submitted list of checks issued by the company. All the components of the check must match exactly or it becomes an “exception item.” The bank provides the customer with an image of the suspect check to determine each exception item’s authenticity. If the check is fraudulent or has been altered, the bank will return the check unpaid, and the fraud is foiled. For Positive Pay to be effective, the customer must send the data to the bank before the checks are released (see Pages 4 and 9).

Because revisions in the UCC impose liability for check fraud losses on both the bank and its customer, it is important for everyone to help prevent losses. When a company uses high security checks with Positive Pay, the risk and liability for check fraud are substantially reduced. Many banks charge a modest fee for Positive Pay, which should be regarded as an “insurance premium” to help prevent check fraud losses.

“Positive Pay is the best product in 30 years to deal with the problem of forged, altered and counterfeit checks.”
— Frank W. Abagnale

Reverse Positive Pay

Organizations or individuals with small check volume can use Reverse Positive Pay. This service allows an account holder to log on and review in-clearing checks daily to identify unauthorized items. The account holder can download the list of checks from the bank and compare them to their issued check file. Suspect checks must be researched and the bank notified of items to be returned that day. While Reverse Positive Pay provides timely information on a small scale, for larger check volume it is not a worthy substitute for Positive Pay.

Payee Positive Pay Is Not Foolproof

Positive Pay and Reverse Positive Pay monitor the check number and dollar amount. Several banks have developed Payee Positive Pay (PPP) that also compares the payee name. PPP identifies the payee name by using the X, Y coordinates on the check face and optical character recognition software to interpret and match the characters. Matching the payee name, check number and dollar amount will stop most check fraud attempts. However, PPP is not 100% foolproof because criminals can add a fraudulent Payee Name two lines above the original Payee Name, outside of the bank’s X,Y coordinates. The bogus added Payee Name will not be detected by Payee Positive Pay, resulting in the altered check being paid (see Page 9).

Preventing Added Payees

Adding a new Payee Name is a major scam used by sophisticated rings. They understand Payee Positive Pay’s limitations and simply add a new payee name above the original name. They then cash the check using bogus documents in the name of the added payee. To help prevent added payee names, use a Secure Name Font (see Pages 9 and 10) or insert a row of asterisks above the payee name. To help prevent altered payees, use high security checks like the SuperBusinessCheck or SAFEChecks, and good quality toner to keep the Secure Name Font or asterisks from being removed without leaving evidence. Cheap toner will peel off with common office tape.

ACH Filter or Block

Forgers have learned that Positive Pay doesn’t monitor electronic “checks,” also known as Automated Clearing House (ACH) debits. Files containing ACH debits are created by an organization or company and submitted to its bank. The bank processes the file through the Federal Reserve System and posts the ACH debit against the designated accounts. Because paperless transactions pose substantial financial risk, most banks are careful to thoroughly screen any company that wants to send ACH debits. However, some dishonest individuals still get through the screening process and victimize others. Banks have liability for allowing these lapses.

To prevent electronic check fraud, ask your bank to place an ACH block or filter on your accounts. An ACH block rejects all ACH debits. For many organizations, a block is not feasible because legitimate ACH debits would be rejected. In this case, use an ACH filter. In the electronic debit world, each ACH originator has a unique identifying number. An ACH filter allows debits only from preauthorized originators or in preauthorized dollar amounts. If your bank does not offer a filter, open up a new account exclusively for authorized ACH debits, and restrict who has knowledge of that account number. ACH block all other accounts.
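
The Positive Pay matching, the Payee Positive Pay zone limitation and the ACH block/filter rules described on this page, worked through in one added Python example. It is not code from the Bulletin or from any bank's product; the record layouts, account and originator numbers, the per-originator amount cap and the "already paid" check (which goes slightly beyond the text) are assumptions, and all sample data is constructed.

```python
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class IssuedCheck:             # one row of the issued-check file sent to the bank
    account: str
    check_no: int
    amount: Decimal
    payee: str


@dataclass(frozen=True)
class PresentedCheck:          # what the bank reads from an in-clearing item
    account: str
    check_no: int
    amount: Decimal
    payee_zone_text: str       # OCR text from the payee X,Y zone only
    text_above_zone: str = ""  # printed outside the zone; the matcher never sees it


def norm(name):
    """Case- and spacing-insensitive payee comparison key."""
    return " ".join(name.upper().split())


class PositivePay:
    def __init__(self, issued, match_payee=False):
        self.issued = {(c.account, c.check_no): c for c in issued}
        self.match_payee = match_payee   # True models Payee Positive Pay
        self.paid = set()

    def screen(self, item):
        """Return ("PAY", []) or ("EXCEPTION", [reasons])."""
        key = (item.account, item.check_no)
        issued = self.issued.get(key)
        reasons = []
        if issued is None:
            reasons.append("not in issued file")
        else:
            if key in self.paid:
                reasons.append("already paid")
            if item.amount != issued.amount:
                reasons.append("amount mismatch")
            if self.match_payee and norm(item.payee_zone_text) != norm(issued.payee):
                reasons.append("payee mismatch")
        if reasons:
            return "EXCEPTION", reasons   # customer reviews the check image
        self.paid.add(key)
        return "PAY", []


class AchControl:
    def __init__(self, mode, preauthorized=None):
        if mode not in ("BLOCK", "FILTER"):
            raise ValueError(mode)
        self.mode = mode
        # originator id -> maximum debit amount, or None for no cap (assumed layout)
        self.preauthorized = dict(preauthorized or {})

    def screen(self, originator_id, amount):
        if self.mode == "BLOCK":
            return "REJECT", "account is ACH-blocked"
        if originator_id not in self.preauthorized:
            return "REJECT", "originator not preauthorized"
        cap = self.preauthorized[originator_id]
        if cap is not None and amount > cap:
            return "REJECT", "over preauthorized amount"
        return "ACCEPT", ""


def demo_checks():
    """Constructed issued file and in-clearing items."""
    acct = "000123"
    issued = [IssuedCheck(acct, 1001, Decimal("250.00"), "Acme Supply Co"),
              IssuedCheck(acct, 1002, Decimal("980.10"), "Jane Roe"),
              IssuedCheck(acct, 1003, Decimal("410.00"), "Delta Freight LLC")]
    ppp = PositivePay(issued, match_payee=True)
    genuine = PresentedCheck(acct, 1001, Decimal("250.00"), "ACME  SUPPLY CO")
    return {
        "genuine": ppp.screen(genuine),
        "second_presentment": ppp.screen(genuine),
        "altered_amount": ppp.screen(
            PresentedCheck(acct, 1002, Decimal("9980.10"), "Jane Roe")),
        "counterfeit": ppp.screen(
            PresentedCheck(acct, 1999, Decimal("75.00"), "Acme Supply Co")),
        # Added payee sits above the zone, so the zone text still matches.
        "added_payee": ppp.screen(
            PresentedCheck(acct, 1003, Decimal("410.00"), "Delta Freight LLC",
                           text_above_zone="J. Smith OR")),
    }


def demo_ach():
    flt = AchControl("FILTER", {"1234567890": Decimal("5000.00"), "9876543210": None})
    blk = AchControl("BLOCK")
    return {
        "known_within_cap": flt.screen("1234567890", Decimal("4200.00")),
        "known_over_cap": flt.screen("1234567890", Decimal("7500.00")),
        "unknown_originator": flt.screen("5550001111", Decimal("10.00")),
        "blocked_account": blk.screen("1234567890", Decimal("10.00")),
    }


if __name__ == "__main__":
    print(demo_checks())
    print(demo_ach())
```

The `added_payee` item is paid because the matcher reads only the payee zone, which is why the text recommends a Secure Name Font or a row of asterisks above the payee name rather than relying on Payee Positive Pay alone.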

Page 4 • Abagnale Fraud Bulletin, Volume 12

Check Washing

Washing a check in chemicals is a common method used by criminals to alter a check. The check is soaked in solvents to dissolve the ink or toner. The original data is replaced with false information. To defend against washing, use high security checks that are reactive to many chemicals. When a check reacts to chemicals, the “washing” can often be detected when the check dries. Chemically reactive checks become spotted or stained when soaked in chemicals. A Chemical Wash Detection Box on the back of the check warns recipients to look for evidence of chemical washing. See Page 16.

Alterations

Forgers and dishonest employees can easily erase words printed in small type and cover their erasures with a larger type font. Prevent erasure alterations by printing checks using a 12 or 14 point font for the payee name, dollar amount, city, state and zip code. See Page 10 on Laser Printing.

Prompt Reconciliation

The revised UCC requires an organization to exercise “reasonable promptness” in examining its monthly statements, and specifically cites 30 days from the date of mailing from the bank. Carefully read your bank’s disclosure agreement that details the length of time you have to report discrepancies on the bank statement. Some banks have shortened the reporting timeframe to less than 30 days. Failure to reconcile promptly is an invitation for employees to embezzle because they know their actions will not be discovered for a long time. If you are unable to reconcile on time, hire your accountant or an outside reconciliation service provider and have the bank statements sent directly to them.

The people issuing checks should not be the same people who reconcile the accounts.

Repeater Rule

The repeater rule limits a bank’s liability. If a bank customer does not report a forged signature, and the same thief forges a signature on additional checks paid more than 30 days after the first statement containing the forged check was made available to the customer, the bank has no liability on the subsequent forged checks so long as it acted in good faith and was not negligent.

The one-year rule is another important guide. Bank customers are obligated to discover and report a forged signature on a check within one year, or less if the bank has shortened the one-year rule. If the customer fails to make the discovery and report it to the bank within one year, they are barred from making any claim for recovery against the bank. This applies even if the bank was negligent.

Controlled Check Stock

Generic check stock that is sold completely blank is known as uncontrolled check stock. It is readily available to everyone, including criminals, and is a major contributor to check fraud. If multiple companies use the same blank, uncontrolled check stock, they are left with no legal defense against their bank if the bank pays a counterfeit check which is made on check stock identical to their own. (See Robert J. Triffin V. Somerset Valley Bank and Hauser Contracting Company, Page 7.)

Controlled check stock is customized in some unique way for each organization. It should also be numbered on the back of the check with sequenced inventory control numbers to prevent internal fraud. See Pages 14 and 15.

Manually Issued Checks

Every organization occasionally issues manual checks. Some are typed on a self-correcting typewriter which uses a black, shiny ribbon. This black shiny ribbon is made of polymer, a form of plastic. Plastic is typed onto the check. Forgers can easily remove this typing with ordinary office tape, type in new, fraudulent information, and then cash the signed, original check!

When typing manual checks, use a “single strike” fabric ribbon, which uses ink, not polymer. They can be found online in the catalog of major office supply stores.

Check Stock Controls

Check stock must be kept in a secure, locked area. Change locks or combinations periodically. Keep check boxes sealed until they are needed. Inspect the checks when received to confirm accuracy, and then re-tape the boxes. Write or sign across the tape and the box to provide evidence of tampering. Conduct physical inventory audits to account for every check. Audits should be conducted by two people not directly responsible for the actual check printing. When checks are printed, every check should be accounted for, including voided, jammed and cancelled checks. After the check run, remove the unused check stock from the printer tray and return it to the secure storage location.

Annual Reports and Correspondence

Annual reports should not contain the actual signatures of the executive officers. Forgers scan and reproduce signatures on checks, purchase orders, letters of credit.

Do not include account numbers in correspondence. Credit applications should include the name and phone number of the company’s banker, but not the bank account number. Nor should an authorized signer on the account sign the correspondence. You have no control over who handles this information once it is sent, and it could be used to commit fraud.

Wire Transfers

Forgers obtain bank account information by posing as customers requesting wiring instructions. Wire instructions contain all the information necessary to draft against a bank account. To avoid giving out primary account numbers, open a separate account that is used exclusively for incoming credits, such as ACH credits and wire transfers. Place the new account on “no check activity” status and make it a “zero balance account” (ZBA). These two parameters will automatically route incoming funds into the appropriate operating account at the end of the business day, and prevent unauthorized checks from paying.

[Sidebar: 60% of organizations experienced attempted or actual payments fraud. 82% of affected organizations report that checks were targeted. AFP Payments Fraud Survey 2014]

[Chart: A West Coast Bank, Check Fraud Attempts/Losses, 1991 to 1996; series: Attempts, Losses; annotation: introduction of high security checks, Positive Pay and customer education]

Check fraud attempts and losses fell by 95% over three years after a West Coast bank introduced high security checks and Positive Pay, and educated its customers on check fraud prevention.

Page 5 • Abagnale Fraud Bulletin, Volume 12

Court Cases
Holder In Due Course

Holder in Due Course, a powerful part of the Uniform Commercial Code, can adversely impact an organization’s liability for check fraud, including those checks on which a “stop payment” has been placed.

Who or what is a Holder in Due Course? A Holder in Due Course (HIDC) is anyone who accepts a check for payment, and on the face of the check there is no evidence of alteration or forgery, nor does the recipient have knowledge of any fraud related to the check.

Under these conditions, the recipient is an HIDC and is entitled to be paid for the check. The statute of limitations under the UCC for an HIDC to sue the check’s maker for its full face value is 10 years from the issue date, or three years from the date the check was deposited and returned unpaid, whichever comes first.

Holder in Due Course trumps stop payments and Positive Pay exceptions. Further, an HIDC can assign, sell, give, or otherwise transfer its rights to another party, who assumes the same legal rights as the original Holder.

In the 2012 AFP Payments Fraud and Control Survey, 48 percent of organizations’ check fraud losses were a result of payouts to check cashers (bank and non-bank) from Holder In Due Course claims. This is up from 37 percent in the 2009 survey, indicating a growing and serious concern.

[Charts: Actions Taken in Response to Holder in Due Course Claims; Frequency of HIDC Claims]

Prudent companies use controlled high security checks to protect themselves from some HIDC claims. The following three Federal Appellate Court cases illustrate the far-reaching power of Holder in Due Course laws.

ROBERT J. TRIFFIN v. CIGNA INSURANCE Placing A Stop Payment Does Not End Your Obligation To Pay A Check

In July 1993, Cigna Insurance issued James Mills a Worker’s Compensation check for $484. Mills falsely claimed he did not receive it due to an address change, and requested a replacement. Cigna placed a stop payment on the initial check and issued a new check, which Mills received and cashed. Later, Mills cashed the first check at Sun’s Market (Sun). Sun presented the check for payment through its bank.

Cigna’s bank dishonored the first check, stamped it “Stop Payment,” and returned the check to Sun’s bank, who charged it back against Sun’s account. Sun was a Holder In Due Course, and if Sun had filed an HIDC claim against Cigna as the issuer of the check, it would have been entitled to be paid. Apparently, Sun did not know about HIDC, because it merely pinned the check on a bulletin board in the store, where the check stayed for two years.

Robert Triffin bought the check from Sun, assumed its HIDC rights, and filed this lawsuit in August 1995, over two years after the check was returned unpaid (statute of limitations is three years). The Court ruled in favor of Robert Triffin, and ordered Cigna to pay him $484, plus interest.

Recommendation: Allow a check to “expire” before replacing it, or you may be held liable for both checks. A party that accepts an expired check has no legal standing to sue as a Holder in Due Course if the check is returned unpaid.

Print an expiration statement on the check face such as, “THIS CHECK EXPIRES AND IS VOID 30 DAYS FROM ISSUE DATE.” If a check is lost, wait 30 + 2 days from the initial issue date before reissuing. Many companies print “VOID AFTER 90 DAYS” but cannot reasonably wait that long before re-issuing a check.

Superior Court of New Jersey, Appellate Division, A-163-00T5
lawlibrary.rutgers.edu/courts/appellate/a4000-95.opn.html

An analysis of court cases can be downloaded from www.safechecks.com. Click on Fraud Prevention Tips, then Holder in Due Course.

Page 6 • Abagnale Fraud Bulletin, Volume 12

ROBERT J. TRIFFIN v. SOMERSET VALLEY BANK AND HAUSER CONTRACTING CO. You May Be Held Liable For Checks You Did Not Issue or Authorize

Hauser Contracting Co. used ADP for payroll services. A thief obtained check stock that looked identical to ADP’s checks and created 80 counterfeit payroll checks totaling nearly $25,000 that were identical to the ADP checks used by Hauser Contracting Co.

A retailer who knew Mr. Hauser became suspicious and called him. Somerset Valley Bank also called. Mr. Hauser reviewed the in-clearing checks, which looked just like his, and confirmed the checks were unauthorized and the payees were not his employees. The bank returned the checks marked as “Stolen Check - Do Not Present Again.”

Robert Triffin bought 18 of these checks totalling $8800 from four check cashing agencies, claimed HIDC status, and sued both Mr. Hauser and his bank for negligence for not safeguarding the payroll checks and facsimile stamp. Because the counterfeit and authentic checks looked identical, the lower court ruled for Triffin. Hauser appealed, but the Federal Appellate Court upheld the lower court. The Court said the counterfeit check met the definition of a negotiable instrument, and because the check and signature were identical to an authentic check, the check cashing agency could not have known it was not authentic.

Recommendation: Use a controlled check stock, which means using checks that are uniquely designed or customized for your organization and are not available blank to others. SAFEChecks and the SuperBusinessCheck are controlled check stocks.

Superior Court of New Jersey, Appellate Division, A-163-00T5
lawlibrary.rutgers.edu/courts/appellate/a0163-00.opn.html

ROBERT J. TRIFFIN v. POMERANTZ STAFFING SERVICES, LLC High Security Checks May Protect You From Some Holder in Due Course Claims

Pomerantz Staffing Services used high security checks that included heat sensitive (thermochromatic) ink on the back and a warning banner on the face that said, “THE BACK OF THIS CHECK HAS HEAT SENSITIVE INK TO CONFIRM AUTHENTICITY.” Someone made copies of Pomerantz’s checks, but without the thermo ink on the back. They cashed 18 checks totaling $7000 at Friendly Check Cashing Company. Friendly’s cashiers failed to heed the warning on the check face, and did not look for the thermo ink on the back. All 18 checks were returned unpaid, likely caught by Positive Pay.

Robert Triffin bought the checks, claimed Holder in Due Course status, and sued Pomerantz. Pomerantz counter-sued and won! The judge correctly asserted that if Friendly had looked for the thermo ink as instructed, they could have determined the checks were counterfeit. Because they were provided a means to verify authenticity and failed to do so, they were not an HIDC and had no rights to transfer to Mr. Triffin.

This case illustrates the value of check security features, a properly worded warning band, and a controlled check stock. Pomerantz was protected by his checks.

Recommendation: Use high security checks with overt and covert security features, including explicitly worded warning bands. Such security features will also help prevent other kinds of check fraud. The SuperBusinessCheck is a properly designed high security check with 16 security features.

http://lawlibrary.rutgers.edu/courts/appellate/a2002-02.opn.html

Visit www.fraudtips.net for an in-depth article, Holder in Due Course and Check Fraud, written by Frank Abagnale and Greg Litster. Click on Holder in Due Course.

CHECK FRAUD SCAM — IT CAN HAPPEN TO ANYONE Greenberg, Trager & Herbst, LLP v. HSBC Bank, USA 17 N.Y.3d 565 (2011)

In a landmark decision, the New York Court of Appeals upheld that the depositor of a counterfeit check is responsible for risk of loss “until the settlement becomes final. Statements concerning ‘clearing’ of a check and funds availability are irrelevant.”

A New York City law firm (Greenberg) received an email requesting legal services from a potential client in Hong Kong. As part of the transaction, the client requested that the law firm accept a check for $197,750, deduct $10,000 for its fee, and wire the balance to another firm in Hong Kong. (This should have been the first clue that this was a scam.) The law firm deposited the check, which appeared to be drawn on a Citibank account, into its account at HSBC Bank.

The next business day, HSBC provisionally credited the firm for $197,750, per federal funds availability regulations. A day later, the law firm called HSBC, asking if the check had “cleared” the account. Being told that it had, the firm wired $187,750 to the other firm in Hong Kong as instructed. The check ultimately proved to be counterfeit, and HSBC charged back $197,750 to the Greenberg account.

Greenberg sued Citibank for “failing to discover that the check was counterfeit” and sued HSBC for “negligent misrepresentation” for stating that the check had cleared when in fact it had been returned to HSBC, re-routed to a different Citibank processing center, and then returned again as counterfeit to HSBC.

The New York Supreme Court issued summary judgment for both banks and dismissed all of Greenberg’s claims. Upon appeal, the Court of Appeals upheld the first court’s decision. Citing the Uniform Commercial Code, Citibank had no obligation to detect fraud for Greenberg because Greenberg was not Citibank’s client. Its only obligation was to pay the check, return it, or send written notice that it had been dishonored. It had returned the check within the prescribed deadline.

Both claims against HSBC were also dismissed. The bank’s contract specifically stated that clients may not pursue claims based on a bank employee’s oral representations. The Court also held that the term “a check has cleared” is ambiguous and not definitive that final settlement had occurred.

Furthermore, the Court rejected Greenberg’s argument that both banks should have had procedures in place that would have prevented the fraud. The Court ruled that the law firm itself was in the best position to prevent fraud, and had a responsibility to know its client.

This scam was a text-book-case scenario, and while it is shocking that a law firm could be taken in by such a classic scam, it should serve as a warning that anyone can be deceived. Vigilance and intelligence must be used when accepting a check. Do not accept a check for more than the amount due and then wire out the difference. Visit www.safechecks.com for additional fraud prevention tips.

Page 7 • Abagnale Fraud Bulletin, Volume 12

ACH Fraud – Small But Growing….

ACH stands for Automated Clearing House, and the “ACH Network” serves as the infrastructure for electronic payments between individuals and organizations. The ACH Network accommodates and moves both debit and credit transactions. Last year, the ACH Network handled over 21 billion transactions such as Direct Deposit and Direct Payment.

Even though the ACH Network is one of the safest payment systems in the world, ACH fraud has almost doubled, from 12% in 2010 to 22% today.

The ACH Network began as a system for moving recurring transactions between parties who knew and trusted each other, but has evolved into a system of transient and often one-time transactions between unfamiliar groups and individuals. This evolution, combined with the growing sophistication of swindlers, has made ACH fraud hard to detect and prevent.

There are many ways a criminal may commit ACH fraud, but they all have one element in common: gullibility on the part of someone along the ACH “highway.”

Fraudsters only need two pieces of information to commit ACH fraud: a checking account number and a bank routing number. Criminals typically obtain bank account information by sending an email that tricks a victim into disclosing the required information, or that installs malicious software on the victim’s computer, allowing criminals to access the desired information.

Other infiltration methods used by criminals are infected flash drives, or social networking sites where malware is embedded in a document, video, or photo, and is downloaded onto victims’ computers when they click on that item.

The newest strategy for fraudsters is pretending to be part of established organizations, well-known social networking sites, and government entities, deceiving the victims and allowing fraudsters to plant malware that eventually leads to account takeovers.

The ACH Network itself is not the focus of the fraud. The focus is to simply gain fraudulent access to that network. Most ACH fraud could have been prevented if “best practices” had been followed by organizations or individuals. Some of these practices include:
• Know the person with whom you are dealing – fraud happens by incorrectly assuming an unknown party is legitimate
• Utilize your bank’s fraud detection and prevention resources such as ACH Filters, Blocks, Transaction Review, UPIC codes, etc.
• Monitor your accounts daily
• Segregate accounts for better control, e.g. collections vs. disbursements, high volume vs. low volume, paper vs. electronic, etc.
• Use encrypted email for confidential information
• Mask account numbers and tax ID numbers in correspondence
• Collect bank tokens and change passwords when an employee leaves the company and contact your bank to remove them as a signer or authorized user of ACH origination services.

The bank is not always responsible for ACH fraud losses. Some reasons why an organization or individual is responsible for ACH losses include:
• Not reconciling accounts on a timely basis
• Not using appropriate ACH blocks or ACH filters
• Not returning suspect ACH items on time
• Not using ACH positive pay.

ACH fraud can often be thwarted by using caution and prudence.

CINCINNATI INSURANCE COMPANY v. WACHOVIA BANK Wachovia Bank Wins Lawsuit Over Customer That Refused Positive Pay

Schultz Foods Company issued a check for $153,856 to Amerada Hess Corporation. Thieves stole the check out of the mail, changed the name of the payee, and convinced the new bogus payee (an unwitting accomplice) to endorse the check and deposit it into his bank.

His bank presented the check for payment to Schultz Foods’ bank, Wachovia Bank, and Wachovia charged $153,856 against Schultz Foods’ account. Before Schultz Foods discovered the fraud, the funds had been wired out, and the money disappeared.

When the fraud was discovered, Schultz Foods reported the altered check to Wachovia and demanded its account be re-credited. Wachovia refused, citing that Schultz Foods had been offered the chance to implement “Positive Pay” after three previous check fraud incidents, but had declined. Instead, Schultz Foods had purchased a check fraud insurance policy from Cincinnati Insurance Co. Positive Pay, however, would have prevented this loss.

Schultz Foods made a $153,856 claim under its policy with Cincinnati, who paid the claim and filed suit against Wachovia to recover its loss. Cincinnati contended that the altered check was not “properly payable” and Wachovia was liable for the loss. However, the Wachovia deposit agreement signed by Schultz Foods contained a list of precautions that a customer should take to protect their account. The Agreement included a conditional release of Wachovia’s liability: “You agree that if you fail to implement … products or services [that are designed to deter check fraud], … you will be precluded from asserting any claims against Wachovia for paying any unauthorized, altered, counterfeit or other fraudulent item ….”

Wachovia had not required Schultz Foods to absorb any losses because of the incidents, even though Schultz Foods never implemented Positive Pay. Cincinnati argued that Schultz Foods “had an expectation that Wachovia would reimburse Schultz Foods’ account” for unauthorized charges if Schultz Foods took precautions such as closing its account.

However, that expectation was contrary to Wachovia’s deposit agreement, which contained an anti-waiver provision, allowing it to waive enforcement of the terms of the Agreement.

Even though Wachovia voluntarily shielded Schultz Foods from past check fraud losses, its deposit agreement protected it from liability.

The Court agreed with Wachovia’s argument that the deposit agreement between Wachovia and Schultz Foods required Schultz Foods either to implement Positive Pay or to assume responsibility for any fraud losses caused by its failure to implement Positive Pay.

For the complete court case and commentary, visit www.safechecks.com/fraudprevention.

Page 8 • Abagnale Fraud Bulletin, Volume 12

Software: Positive Pay, ACH, and Secure Check Writing

Positive Pay is one of the most important tools available to prevent check fraud. Developed by bankers years ago, Positive Pay is an automated check matching service offered by most banks to businesses and organizations. It helps stop most (not all) counterfeit and altered checks. Positive Pay requires a check issue file (information about the issued checks) to be sent to the bank before the checks are released. There are two primary obstacles to using Positive Pay. First is a company’s inability to format the check issue file correctly and securely transmit it to the bank. Second, some accounting software will truncate part of a long Payee name when it generates the Payee Positive Pay file. This creates a mismatch between what is written on the check and what is recorded in the file, producing a false positive alert “exception item.” Repairing the Positive Pay file and dealing with these exception items can be costly and time-consuming.

SAFEChecks has software that eliminates these problems. The software creates the Positive Pay file automatically as the checks are being printed. It writes the checks, creates the check register, and formats the Positive Pay file all from the “stream of data,” eliminating truncation errors and significantly reducing false positive errors and exception items. In addition, the software can be customized to include another internal security control where checks can be reviewed and approved prior to printing. It can also be customized to automatically transmit the Positive Pay file to the bank.

SAFEChecks’ secure software is invaluable in helping “tech-challenged” organizations use Positive Pay.

The software produces a Secure Name and Number Font to prevent alterations (See Page 10), and also imprints a unique, encrypted, image-survivable “secure seal” barcode on the front of each check. The barcode is an effective technological weapon in the fight against check fraud. It contains all the information found on a check, including the maker (drawer), payee name, check number, dollar amount, issue date, and the X,Y coordinates of each piece of data. It is an on-board Payee Positive Pay file for that check, and can eliminate the need to transmit it to the bank if the bank has the barcode decryption software.

The decryption software reads the check using Optical Character Recognition (OCR), and the barcode data is compared to the printed data on the check. If the two don’t match, the check becomes a suspect item. High-level encryption prevents the barcode from being altered or decrypted by other software.

The barcode creates an audit trail, including who printed the check, and the date and time the check was printed.

When Positive Pay is used with high security checks, such as the Abagnale SuperBusinessCheck or SAFEChecks, fraud losses can be cut dramatically. See Pages 14 – 15.

Caution: Some companies have the mistaken notion that if they use Positive Pay they do not need to use high security checks. This is a serious misconception. Positive Pay and Payee Positive Pay are not foolproof! Consider this analogy: Using Positive Pay is like catching a thief standing in your house, holding your jewels. Although it is good that the thief was caught, it would be better to have the thief look at your house and go elsewhere. This is where high security checks are important. They DETER, or discourage, many criminals from attempting fraud against your account.

The check writing software can print checks for multiple divisions, multiple accounts, and multiple banks in a single run, using “blank” check stock (See Pages 5 and 10.) This eliminates the need to switch check stock between check runs. Its secure signature control feature allows up to five levels of signature combinations.

The software also has an ACH module that can make payments electronically, with the remittance detail printed or emailed. The system can automatically switch between printing checks and making ACH payments in the same run.

[Illustration labels: ChequeGuard; Secure Name Font; Secure Seal Barcode; Secure Number Font]

The barcode, Secure Name Font and Secure Number Font are great visual deterrents to would-be criminals, discouraging them from attempting alterations (See Pages 4 and 10).

High security checks and Positive Pay are critical companions in effective check fraud prevention strategy.

For software information, contact SAFEChecks
(800) 755-2265 x 3301 or [email protected]
Supercheck.net SafePay123.net PositivePay.net

Frank Abagnale and SAFEChecks recommend the uni-ball® 207™ Gel Pen

The uni-ball® 207™ pen uses specially formulated gel inks with color pigments that are nearly impossible to chemically “wash.” It retails for under $2, is retractable and refillable, and images perfectly. It can be found at most office supply stores.
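The Payee Positive Pay matching described on this page, and the false exception item that a truncated payee field produces, worked through as an added Python example; it is not SAFEChecks' software or any bank's implementation. The record layout, the 20-character payee limit, the check numbers and every payee other than Amerada Hess Corporation are constructed for illustration.

```python
from dataclasses import dataclass
from decimal import Decimal
import re


@dataclass(frozen=True)
class IssuedCheck:
    number: str
    amount: Decimal
    payee: str
    status: str = "issued"  # "issued", "void" or "stop"


@dataclass(frozen=True)
class PresentedCheck:
    number: str
    amount: Decimal
    payee: str  # payee name as read from the face of the presented item


def normalize(name: str) -> str:
    """Uppercase, strip punctuation and collapse spaces before comparing names."""
    cleaned = re.sub(r"[^A-Z0-9 ]", "", name.upper())
    return re.sub(r"\s+", " ", cleaned).strip()


def build_issue_file(checks, payee_width=None):
    """Build the issue file keyed by check number.

    payee_width models accounting software that cuts the payee field to a
    fixed width when it exports the file (None means no truncation).
    """
    issue_file = {}
    for chk in checks:
        payee = chk.payee if payee_width is None else chk.payee[:payee_width]
        issue_file[chk.number] = IssuedCheck(chk.number, chk.amount, payee, chk.status)
    return issue_file


def match(item, issue_file, already_paid):
    """Return the exception reasons for one presented item ([] means pay)."""
    issued = issue_file.get(item.number)
    if issued is None:
        return ["NOT_ISSUED"]  # no such check in the issue file
    reasons = []
    if issued.status != "issued":
        reasons.append("VOID_OR_STOPPED")
    if item.number in already_paid:
        reasons.append("DUPLICATE")  # the same check has already been paid
    if item.amount != issued.amount:
        reasons.append("AMOUNT_MISMATCH")
    if normalize(item.payee) != normalize(issued.payee):
        reasons.append("PAYEE_MISMATCH")
    return reasons


def process(presentments, issue_file):
    """Run a batch of presentments; return {index: reasons} for exception items only."""
    paid, exceptions = set(), {}
    for idx, item in enumerate(presentments):
        reasons = match(item, issue_file, paid)
        if reasons:
            exceptions[idx] = reasons
        else:
            paid.add(item.number)
    return exceptions


# Constructed sample data. Only the $153,856 Amerada Hess check echoes a case
# on this page; check numbers and all other payees are invented.
ISSUED = [
    IssuedCheck("10451", Decimal("153856.00"), "Amerada Hess Corporation"),
    IssuedCheck("10452", Decimal("2500.00"), "Pacific Northwest Industrial Supply Co."),
    IssuedCheck("10453", Decimal("484.00"), "J. Sample", status="stop"),
]
PRESENTED = [
    PresentedCheck("10451", Decimal("153856.00"), "John Q. Example"),  # payee altered
    PresentedCheck("10452", Decimal("2500.00"), "Pacific Northwest Industrial Supply Co."),  # genuine
    PresentedCheck("10452", Decimal("2500.00"), "Pacific Northwest Industrial Supply Co."),  # presented again
    PresentedCheck("10453", Decimal("484.00"), "J. Sample"),  # stop payment placed
    PresentedCheck("20001", Decimal("7000.00"), "A. Nother"),  # never issued
]

if __name__ == "__main__":
    for label, width in (("full payee", None), ("payee cut to 20 chars", 20)):
        print(label, process(PRESENTED, build_issue_file(ISSUED, width)))
```

With the truncated file the genuine check 10452 becomes an exception item, and because it is never marked paid, its second presentment is reported as a payee mismatch rather than as a duplicate.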

Page 9 • Abagnale Fraud Bulletin, Volume 12

Laser Printing and Check Fraud

Most organizations and companies print checks on a laser printer. This technology is highly efficient, but proper controls must be in place or laser printing can invite disaster.

Toner Anchorage, Toner, Printers

To prevent laser checks from being easily altered, the toner must bond properly to the paper. This requires check stock with toner anchorage, good quality toner, and a hot laser printer.

Toner anchorage is an invisible chemical coating applied to the face of check paper. When the check passes through a hot laser printer, the toner melds with the toner anchorage and binds onto the paper. Without toner anchorage, the toner can easily be scraped off, or lifted off the check with tape.

High quality toner should be used because poor quality toner does not meld properly with the toner anchorage. Also, if the printer is not hot enough, the toner and anchorage will not meld sufficiently. The fuser heat setting can be adjusted on most laser printers through the front panel; hotter is better.

Blank Check Stock that is not customized for each customer should be avoided. Check stock that is sold completely blank to multiple companies is “uncontrolled check stock.” If a printer or computer company is selling you entirely blank checks, they are likely selling the identical blank checks to others, who, in effect, have your check stock! Ensure that your check stock is not available entirely blank to others. It should be uniquely customized in some way for each user. See Pages 14 – 15.

Secure Name Fonts help prevent added or altered payee names. In many cases, adding to or altering the Payee name allows the forger to circumvent Positive Pay. A Secure Name Font uses a unique image or screened dot pattern in a large font to print the payee name. This makes it extremely difficult to remove or change the Payee name without leaving evidence. It also eliminates the spacing for an added payee.

Secure Number Fonts prevent the dollar amount on the check from being altered without detection. Some fonts have the dollar amount image reversed out, with the name of the number spelled inside the number symbol. Although Positive Pay makes this feature redundant, it is a strong visual deterrent to criminals.

String of Asterisks printed above the payee name is another way to prevent added payee names. Forgers add a new payee name two lines above the original payee name. To prevent additions, insert a string of asterisks above the original payee name. Asterisks can be pre-printed on the checks by the check vendor. Do not use asterisks when using Payee Positive Pay. They cause false positives.

Image Survivable Barcode “Secure Seal” Technology is a state-of-the-art encrypted barcode that is laser printed on the face of a check. The barcode contains all the critical information on a check – payee name, dollar amount, check number, routing and account numbers, issue date, etc. The barcode can be “read” using Optical Character Recognition (OCR) technology and compared with the printed information on the check. If the printed data does not match the barcode, the check can be rejected. This technology is image survivable. Some software providers also include Secure Name and Number Fonts.

Uncontrolled Check Stock

Recent court cases have shown that using blank, uncontrolled check stock can contribute to check fraud losses. Companies can be held liable for the resulting losses if the bogus checks look “genuine.” See Page 7, Robert J. Triffin v. Somerset Valley Bank and Hauser Contracting Company. SAFEChecks sells only controlled check stock.

Sequenced Inventory Control Numbers should be printed on the back of non-pre-numbered laser checks. The control number is completely independent of the check number printed on the face of the check. Numbering and tracking each sheet discourages internal fraud and maintains compliance with auditors.

Protect Passwords

Passwords should be 8+ characters and should include a capital letter and a character (e.g: !@#$%&). An email address makes an excellent password. Because a company has more exposure from dishonest employees than from a hacker, two people should be required to print checks, add new vendors, and add or change employees and pay rates.

[Illustrations: Toner Anchorage; Secure Name Font; Secure Number Fonts; Image Survivable Secure Seal Technology]

Page 10 • Abagnale Fraud Bulletin, Volume 12

Check 21: The Hidden Liability

Check Clearing for the 21st Century Act, aka “Check 21” was passed into law October 28, 2004. Check 21 allows banks to 1) convert original paper checks into electronic images; 2) truncate the original check; 3) process the images electronically; and 4) create “substitute checks” for delivery to banks that do not accept checks electronically. The legislation does not require a bank to create or accept an electronic check image, nor does it give an electronic image the legal equivalence of an original paper check.

Check 21 does give legal equivalence to a “properly prepared substitute check.” A substitute check, also known as an image replacement document (IRD), is a negotiable instrument that is a paper reproduction of an electronic image of an original paper check. A substitute check 1) contains an image of the front and back of the original check; 2) bears a MICR line containing all the information of the original MICR line; 3) conforms to industry standards for substitute checks; and 4) is suitable for automated processing just like the original check. To be properly prepared, the substitute check must accurately represent all the information on the front and back of the original check, and bears a legend that states “This is a legal copy of your check. You can use it the same way you would use the original check.” While Check 21 does not mandate that any check be imaged and truncated, all checks are eligible for conversion to a substitute check.

Warranties and Indemnity

Check 21 does not require a bank to convert and truncate paper checks. It is voluntary. A bank that chooses to convert a paper check into an electronic image and substitute check provides two warranties and an indemnity that travel with the substitute check. The two warranties are 1) that the substitute check is properly prepared, and 2) that no bank will be asked to make payment on a check that has already paid (no double debit).

This second Warranty is a powerful protection against “double-dipping” – someone depositing a check via their phone and then cashing the same check elsewhere. If this deception is not caught and both deposits clear the maker’s account, the bank of first deposit can be held liable for the loss.

The Indemnity is very powerful, and gives banks and companies a clear defensive strategy against losses caused by substitute checks. It may also deter banks and companies eager to convert high-dollar checks. The warranties and indemnity continue for one year from the date the injured party first learns of the loss.

The Final Rule issued by the Federal Reserve Board states, a bank “that transfers, presents, or returns a substitute check…shall indemnify the recipient and any subsequent recipient…for any loss incurred by any recipient of a substitute check if that loss occurred due to the receipt of a substitute check instead of the original check.” It goes on to say that if a loss “…results in whole or in part from the indemnified party’s negligence or failure to act in good faith, then the indemnity amount …shall be reduced in proportion to the amount of negligence or bad faith attributable to the indemnified party.” The indemnity would not cover a loss that was not ultimately directly traceable to the receipt of a substitute check instead of the original check.

The Fed gives this example. “A paying bank makes payment based on a substitute check that was derived from a fraudulent original cashier’s check. The amount and other characteristics of the original cashier’s check are such that, had the original check been presented instead, the paying bank would have inspected the original check for security features and likely would have detected the fraud and returned the original check before its midnight deadline. The security features the bank would have inspected were security features that did not survive the imaging process. Under these circumstances, the paying bank could assert an indemnity claim against the bank that presented the substitute check.

“By contrast with the previous example, the indemnity would not apply if the characteristics of the presented substitute check were such that the bank’s security policies and procedures would not have detected the fraud even if the original had been presented. For example, if the check was under the threshold amount the bank has established for examining security features, the bank likely would not have caught the error and accordingly would have suffered a loss even if it had received the original check.”

Remote Deposit Capture

Remote Deposit Capture is a service that allows a business or individual to scan, image and transmit to its bank the checks it normally would deposit. While the technology is convenient, you must understand your risk. Under the law, an organization or individual that images and converts a check issues the warranties and indemnity, and may be held liable for any Check 21 loss. The Statute of Limitations to file a claim for these types of losses is one year AFTER the injured party discovers the financial loss.

Check Safety Features

The purpose of safety features is to thwart criminals trying to alter or replicate checks. The minimum number of safety features a check should have is 10, and more is better. The best safety features are Fourdrinier (true) watermarks in the paper, thermochromatic ink, and paper or ink that is reactive to at least 15 chemicals. These safety features cannot be imaged and replicated, and are the best!

When an individual or organization uses high security checks that include these safety features, they are positioned for a built-in indemnity claim against the converting bank or company, as allowed under Check 21’s Indemnity Provision. This assumes that their bank has a Sight Review threshold such that the original check would have been examined.

Check 21 Fraud Strategies

In a Check 21 world, the strategies are straightforward.
1) Every bank should offer Positive Pay at an affordable price, and every company and organization should use the service. Most banks charge for Positive Pay; consider the fee an insurance premium. For useful information about Positive Pay, visit PositivePay.net and safechecks.com.
2) Make large dollar payments electronically.
3) Every company, organization and individual should use high security checks with 10 or more safety features. The checks should include a true watermark, thermochromatic ink and 16+ chemical sensitivity. The Supercheck, the SuperBusinessCheck, and SAFEChecks (See Pages 14 – 17) were designed by Frank Abagnale with these and many additional safety features so prudent individuals, companies and organizations could enjoy maximum document security in a controlled check. Visit SafeChecks.com and Supercheck.net to request a sample.
4) Avoid using laser checks that can be purchased by multiple people entirely blank because the stock is not controlled.
5) Banks should lower their Sight Review thresholds and re-train inspectors, and encourage their customers to use high security checks and Positive Pay.

Visit www.FraudTips.net for information.

Page 11 • Abagnale Fraud Bulletin, Volume 12

Check Security Features

In response to the alarming growth of check fraud, the check printing industry developed many new security features. The best features are illustrated here. While nothing is 100% fraudproof, combining ten (10) or more security features into a check will deter or expose most check fraud attempts.

Controlled Paper is manufactured with many built-in security features, such as a true watermark, visible and invisible (UV light-sensitive) fibers, and multi-chemical sensitivity. To keep the paper out of the hands of forgers, the paper manufacturers have written agreements that restrict the paper’s use and distribution. Ask for and read the written agreement. If there is none, the paper may not be controlled.

Controlled Check Stock are high security checks that are printed on controlled paper. The check manufacturer does not allow the checks to be sold entirely blank without them first being customized. Ask your check printer for their written policy about blank check stock. If there is none, the check stock most likely is not controlled. See Page 14 – 17.

Fourdrinier Watermarks are faint designs pressed into the paper while it is being manufactured, and are also known as “true” watermarks. When held to the light, these watermarks are easily visible from either side of the paper for instant authentication. Copiers and scanners are not capable of replicating dual-tone Fourdrinier (true) watermarks.

Thermochromatic Inks react to changes in temperature. Some thermo inks begin to fade away at 80°F and disappear completely at 90°F. The ink then reappears when the temperature cools to 78°F. Thermo ink’s reaction to temperature changes cannot be replicated on a color copier or laser printer. Checks with thermo ink should have properly worded warning bands.

Specific Warning Bands are printed messages that call specific attention to the security features found on the check. These bands should instruct the recipient to inspect a document before accepting it (not merely list features) and may discourage criminals from attempting the fraud. A properly worded warning band may protect a company from some Holder In Due Course claims. See Page 7, Pomerantz Staffing Services.

Laid Lines are parallel lines on the back of checks. They should be of varying widths and unevenly spaced. Laid lines make it difficult to physically “cut and paste” dollar amounts and payee names without detection.

Copy Void Pantographs are patented designs developed to protect a document from being duplicated. When copied or scanned, words such as “COPY” or “VOID” become visible on the photocopy, making it non-negotiable. This feature can be circumvented by high-end color copiers and so is not foolproof.

Multi-chemical Reactive Papers produce a stain or speckles or the word “VOID” when activated with ink eradicator-class chemicals, making it extremely difficult to chemically alter a check without detection. Checks should be reactive to at least 15 chemicals.

Prismatic Printing is a multicolored printed background with gradations that are difficult to accurately reproduce on many color copiers.

Page 12 • Abagnale Fraud Bulletin, Volume 12

Image Survivable Secure Seal Barcode is an encrypted barcode that is laser printed on the face of the check. The barcode contains all the critical information found on the check. See Pages 9 and 10.

Holograms are multicolored three-dimensional images that appear in a reflective material when viewed at an angle. They are an excellent but expensive defense against counterfeiting in a controlled environment. Holograms are usually not cost-effective on checks, but are valuable in settings such as retail stores where a salesperson or attendant visually reviews each item before acceptance. Holograms enhance admission passes, gift certificates and identification cards.

Dual Image Numbering creates a red halo around the serial number or in the MICR line of a check. The special red ink also bleeds through to the back of the document so it can be verified for authenticity. Color copiers cannot accurately replicate these images back-to-back.

High-Resolution Borders are intricately designed borders that are difficult to duplicate. They are ideal for covert security as the design distorts when copied.

Artificial Watermarks are subdued representations of a logo or word printed on the paper. These marks can be viewed while holding the document at a 45º angle. Customized artificial watermarks are superior to generics. Copiers and scanners capture images at 90º angles and cannot see these marks. However, to the untrained eye, their appearance can be replicated by using a 3% print screen.

Ultraviolet Light-Sensitive Ink and Fibers can be seen under ultraviolet light (black light) and serve as a useful authentication tool.

Microprinting is printing so small that it appears as a solid line or pattern to the naked eye. Under magnification, a word or phrase appears. This level of detail cannot be replicated by most copiers or desktop scanners.

High Security Checks help deter many check fraud attempts by making it more difficult for a criminal to alter or replicate an original check. They help thwart some Holder in Due Course claims (See Page 6), and establish the basis for an indemnity claim under Check 21’s Indemnity Provision. (See Page 11.) High-security checks should have at least ten (10) safety features, the most important being that the check is a “controlled” stock. This means the check is never sold or made available entirely blank. Forgers can make authentic-looking checks using original blank checks, a scanner and Adobe Illustrator. An organization may be held liable for these fraudulent checks. Other “best” features are a dual-tone true watermark, UV ink, thermochromatic ink (accompanied by a properly worded warning band), and toner anchorage. Frank Abagnale designed the SuperBusinessCheck, SAFEChecks and the Supercheck to help individuals and organizations have access to high security checks at reasonable prices. (See Pages 14 – 17.)

Page 13 • Abagnale Fraud Bulletin, Volume 12

Abagnale SuperBusinessCheck

The SuperBusinessCheck is the most secure business check in the world. Designed by Frank Abagnale with 16 security features, the check is virtually impossible to replicate or alter without leaving evidence. The SuperBusinessCheck is printed on tightly controlled, true-watermarked 28 pound security paper. For your protection, the SuperBusinessCheck is never sold completely blank without first being customized for a specific customer. Available styles are shown below. Pricing can be found on the Web at SAFEChecks.com or Supercheck.net.

16 Safety Features

“After years of designing checks for Fortune 500 companies and major banks, I designed the Supercheck, the SuperBusinessCheck and SAFEChecks to help individuals, medium and small businesses, and organizations protect their checking accounts.”

COVERT SECURITY FEATURES
• Controlled Paper Stock
• Toner Anchorage
• Chemical Sensitivity
• Copy Void Pantograph
• Chemical Reactive Ink
• Fluorescent Ink
• Fluorescent Fibers
• Microprinting

OVERT SECURITY FEATURES
• Thermochromatic Ink
• Fourdrinier (True) Watermark
• High-Resolution Border
• Prismatic Printing
• Explicit Warning Bands
• Chemical Wash Detection Box
• Sequenced Inventory Control Numbers
• Laid Lines

SuperBusinessCheck P.O. Box 981 Simi Valley, CA 93062-0981 (800) 755-2265

Available Styles
• Laser - Top
• Laser - Middle
• Laser - Bottom
• Laser 3-On-a-Sheet
• Legal Laser - Top
• Legal Laser - Second Panel

• 3-on-A-Page

Pressure Seal Checks Also Available

Secure Ordering Procedures

To prevent unauthorized persons from ordering checks on your account, SAFEChecks verifies all new check orders with your bank. We confirm that the name, address and account number on the order form match the data on file with the bank. Check orders are shipped to the address on file with the bank. Reorders with a change of address are re-confirmed independently. Our Secure Ordering Procedures are in place for your protection, and are unparalleled in the check printing industry.

Page 14 • Abagnale Fraud Bulletin, Volume 12

SAFEChecks

The SAFECheck was designed by Frank Abagnale with 12 security features, and is virtually impossible to replicate or alter without leaving evidence. SAFEChecks are printed on tightly controlled, true-watermarked, 28 pound security paper. To prevent unauthorized use, SAFEChecks are never sold completely blank without first being customized for each specific customer.

SAFEChecks, P.O. Box 981, Simi Valley, CA 93062-0981, (800) 755-2265

12 Safety Features

Covert Security Features
• Controlled Paper Stock
• Toner Anchorage on Laser Checks
• Copy Void Pantograph
• Chemical Reactivity – to 85 chemicals.
• Fluorescent Fibers – Become visible under ultraviolet light.
• Microprinting

Overt Security Features
• Thermochromatic Ink – The pink lock and key icons fade away when warmed above 90º and reappear at 78º. This reaction cannot be replicated on images created by a color copier.
• Fourdrinier (True) Watermark – The true watermark is visible from either side when the check is held toward a light source. It cannot be color copied or scanned.
• Explicit Warning Bands
• Chemical Wash Detection Box – See Figure 2 on page 13.
• Sequenced Inventory Control Numbers
• Laid Lines

Available Styles
• Laser - Top
• Laser - Middle
• Laser - Bottom
• continuous - 1 part
• continuous - 2 part
• continuous - 3 part
• Legal Laser - Top
• Legal Laser - Second Panel
• Legal Laser - Panels 2 & 4

Pressure Seal Checks Also Available

NOT USING POSITIVE PAY? You should! Talk to your banker ASAP. Visit PositivePay.net and safechecks.com.

MORE FRAUD PREVENTION TIPS: Visit SAFEChecks.com, FraudTips.net and Supercheck.net.

SAFEChecks also offers secure laser check writing software (See Page 9), MICR toner cartridges, and envelopes. Call (800) 755-2265.

Page 15 • Abagnale Fraud Bulletin, Volume 12

Abagnale Supercheck

The Supercheck is a high security personal check designed by Frank Abagnale to help individuals protect their checking accounts. The Supercheck contains 12 security features, is reactive to 85 chemicals, is Check 21 compatible, and is nearly impossible to replicate or to alter without leaving evidence. It is “the check for people with something to lose.”

12 Safety Features

• Controlled Paper Stock
• Fourdrinier (True) Watermark
• Thermochromatic Ink
• Chemical Sensitivity
• Explicit Warning Bands
• Prismatic Printing
• Chemical Wash Detection Box
• High-Resolution Border
• Laid Lines
• Fluorescent Fibers
• Fluorescent Ink
• Microprinting

PLEASE PHOTOCOPY THIS FORM OR DOWNLOAD IT FROM WWW.SAFECHECKS.COM

CHECK ORDER FORM AND INFORMATION

Our Secure Ordering Procedures are unmatched in the check printing industry. For your protection, we verify that the name, account number, and mailing address match the information on file with your financial institution. Checks are shipped to the address on file or directly to your financial institution. Reorders with a change of address are re-verified with your financial institution.

We need all three (3) items below to complete your order:
1. Completed ORDER FORM
2. VOIDED CHECK (indicate any changes on the face)
3. VOIDED DEPOSIT SLIP

Please mail to: SAFEChecks, P.O. Box 981, Simi Valley, CA 93062-0981

Delivery Times: Allow 3 weeks for delivery. Expedited service is available. Call (800) 755-2265 ext 3304

ORDER SUMMARY
Columns: Check Start #, # of Boxes, Total (price + s/h)
Rows: Wallet Supercheck Single, Wallet Supercheck Duplicate, SubTotal, TOTAL
Single - $29.95 per box of 150
Duplicate - $32.95 per box of 150
Shipping/Handling - $4.50 per box
California residents must add sales tax

PAYMENT OPTIONS:
_____Debit this checking account
_____Check or Money Order enclosed (made payable to SAFEChecks)
_____Bill my credit card: _____MasterCard _____Visa
Credit Card Account Number / Expiration Date / Security Code
Cardholder Name
Authorized Signature
Billing address of credit card if different from address on checks

Name
Primary Telephone
Email Address
Alternate phone where you can be reached
(We do not give or sell your information to anyone.)

Please mail checks to the:
____Address on checks (this address must be on file with the financial institution)
____Financial institution______ Branch Address, City, State, Zip
____Other______ (Address must be on file with bank)

Page 16 • Abagnale Fraud Bulletin, Volume 12

PLEASE PHOTOCOPY THIS FORM OR DOWNLOAD FILLABLE FORM AT WWW.SAFECHECKS.COM

8934 Eton Avenue, Canoga Park, CA 91304
(800) 755-2265, Fax (800) 615-2265
Download a price list at SAFEChecks.com

How did you hear about us? Seminar by Frank Abagnale / Seminar by / Web / Other

Please MAIL a VOIDED ORIGINAL CHECK with this completed order form. We will call you to confirm receipt.

CUSTOMER NAME, ADDRESS AND PHONE NUMBER: To be printed on checks / For file information (not printed on checks)

BANK NAME AND ADDRESS: To be printed on checks / For file information (not printed on checks)

Phone ( )
Account Number
Routing / Transit:
Bank Fraction:
Bank Representative
Bank Representative's Phone #
Please ship to:
Attention:

Check Starting Number
Quantity
Check this box for two signature lines
Text to be printed above signature lines
Custom Logo - Camera-ready art or electronic file (diskette or e-mail) is required. Send to: [email protected] JPG, EPS, PSD, TIFF & BMP are acceptable formats

Standard Turnaround (most orders ship in 5-7 business days)
RUSH (RUSH FEE APPLIES): Date you must receive checks
Shipping Instructions: Overnight UPS / Two-day UPS / Ground UPS / Other:

LASER CHECKS

Frank Abagnale's SuperBusinessCheck (one color design only)
8 1/2 X 11: Top Check, Middle Check, Bottom Check
8 1/2 X 14: Top Check, Check in 2nd Panel
3 Laser Checks per Sheet

8 1/2 X 11: Top Check (Blue, Green, Red, Plum); Middle Check (Blue, Green); Bottom Check (Blue, Green)
8 1/2 X 14: Top Check (Blue, Green, Red); Check in 2nd Panel (Blue, Green); Check in 2nd & 4th Panels (Blue)
How are your laser checks placed in the printer? Face Up / Face Down
Software Name, Version #

CONTINUOUS CHECKS

Single (Blue, Green); Duplicate (Blue, Green); Triplicate (Blue, Green, Red)
Make and Model # of Printer:
Software Name, Version #

PRESSURE SEAL

Check: Top / Bottom
Pressure seal checks are custom designed. Call (800) 755-2265 ext. 3306.
Make and Model # of Folder/Sealer:

THREE-ON-A-PAGE HANDWRITTEN CHECKS

Single Stub (General Check) / Frank Abagnale's SuperBusinessCheck / Duplicate / Three-on-a-Page Binder

SECURE ORDERING PROCEDURES

To prevent unauthorized persons from ordering checks on your account, all new check orders are verified with your bank. We confirm that the name, address and account number on the order form match the information on file with the bank. Check orders are shipped to the address on file with the bank. Reorders with a change of address are re-confirmed with the bank.

Prepared by:
Phone Number:
Fax Number:
Email:
Date:

Download a price list from SAFEChecks.com
Call (800) 755-2265 for assistance in completing form or to answer any questions.

Embezzlement

A bakery’s account clerk went to her CFO, saying that she feared for her life because of what she had discovered – a fraudulent check for $10,000 that the Comptroller had authorized. Sixteen more checks were found later, totaling almost $17 million.

The Comptroller had written checks to his own creditors, including credit card companies, car dealerships, local agencies, and even charities, and covered the amounts by voiding them on the books. He then wrote fake checks to actual bakery vendors, and later destroyed those checks.

Embezzlement is no respecter of persons or organizations. It is a silent killer that cripples companies large and small because of the actions of trusted but dishonest employees. Embezzlement is committed at every level and in every industry, and estimates show that a typical organization loses 5% of annual revenues to fraud.

The latest Marquet Report on Embezzlement reported that it was “a blockbuster year for employee theft in the United States, accelerating over the shocking pace set over the past couple of years.” Marquet analyzed hundreds of cases involving losses of $100,000 or more. Of course, many cases fall below that threshold, and hundreds more are not reported. The average loss of those that were analyzed was $1.4 million, with a median loss of $340,000. The average embezzlement scheme lasts almost 5 years, and half of the victims do not recover any of their fraud-related losses.

Given that embezzlement is often difficult to detect, it is imperative to understand why and how it occurs, and how to thwart it. Early detection and prevention strategies are key to controlling losses.

According to the Association of Certified Fraud Examiners (ACFE), embezzlement is a subset of Occupational Fraud, which can be divided into three main categories: Corruption, Fraudulent Financial Statements, and Misappropriation of Assets.

Corruption includes conflicts of interest, bribery, extortion, etc., and constitutes about one-third of cases.

Financial statement fraud involves the intentional misstatement or omission of important information on an organization’s financial reports, and causes the highest median losses.

Asset misappropriation, which includes embezzlement, covers almost 90% of all occupational fraud cases. It takes many forms, but the vast majority of schemes involve fraudulent disbursements done through billing, expense reimbursements, check fraud, payroll, and the cash register. The second highest method includes the theft of cash-on-hand and inventory, and the third type of asset misappropriation involves schemes with revenue receipts.

The industries most commonly victimized are banking/financial services, manufacturing, and government/public administration. However, internal fraud within healthcare and education is on the rise, and virtually all industries have had some episodes of embezzlement.

Who are the Perpetrators?

Almost 80% of occupational fraud cases, and 95% of their resulting losses, come from six departments: accounting, operations, executive/upper management, sales, customer service, and purchasing.

While regular employees embezzled most frequently, the greatest actual losses came from managers and executives. Females embezzled slightly more frequently than males, but males caused significantly higher losses.

Position     Female Losses   Male Losses
Employee     $50,000         $75,000
Manager      $150,000        $200,000
Executive    $300,000        $700,000

Half of all cases were committed by people between the ages of 31 and 45, but the greatest losses came from those 50 and above. About 40% had been at the job one to five years, and over 50% had been there more than five years.

The vast majority of perpetrators – 87% – had no prior criminal history, making background checks an ineffective embezzlement prevention tool (although background checks are still necessary for other reasons).

Why Embezzlement Occurs

Workplace conditions are a major predictor of fraud. Internal fraud occurs when the “fraud triangle” is present – motive, opportunity, and rationalization – and effective fraud prevention controls are not in place. In fact, a complete lack of controls was evident in over 30% of the cases.

An overlooked but vital factor is the tone set by upper management, especially in the fraud cases over $1 million. Management tone that contributes to fraud includes unethical attitudes and behavior, the practice of overriding established safeguards, and pressuring employees to meet unrealistic goals. Also, employees and executives who feel unfairly treated sometimes believe they can get “justice” through occupational fraud.

While different factors motivated the various embezzlement cases, including a false sense of entitlement or the need to support a significant other, the two overwhelming factors were a desire to obtain and/or maintain a more lavish lifestyle, and a gambling addiction. Often, those two motivations were intertwined. In the cases where gambling addiction was the primary motivator, all but two occurred in states where casinos and/or Indian gaming facilities were permitted.

Detecting Embezzlement

There are many behavioral red flags that fraudsters often exhibit, which can help management detect fraud. Managers who ignore these red flags do so at the company’s peril. These include an overt sense of entitlement, living beyond one’s means, having financial difficulties and/or family problems, excessive control issues, unwillingness to share duties or take vacations, addiction problems, and irritability or defensiveness.

Managers, employees and auditors should be educated on these common behaviors to help identify fraudulent activity.

An anonymous tip is one of the most important means to detect fraud. Most tips are given via hotlines. Tip hotlines should be designed to receive tips from both internal and external sources, and should allow anonymity, confidentiality, and include a reward.

Tip hotline reporting programs should be publicized to employees, as well as outsiders. Although employees are the most frequent source of fraud tips, customers, vendors, and even competitors have also provided valuable information.

Management review and internal audits are the next most common forms of detection. One of the least effective methods of detecting fraud was through external audits of financial statements. In fact, more fraud was discovered by accident than by external audits! While external audits are important, they should not be solely relied upon to detect fraud.

Page 18 • Abagnale Fraud Bulletin, Volume 12

Small Businesses Fraud

Embezzlement is a significant threat to small businesses. The smallest organizations consistently suffer the largest median losses. These companies usually have fewer anti-fraud controls than larger companies, and so are more vulnerable to fraud. For more information on small business fraud prevention, see Page 21.

How To Prevent Occupational Fraud (Embezzlement)

Using any of the 16 most common anti-fraud controls can significantly decrease the cost and duration of fraud schemes. Tip hotlines, formal management reviews, and employee support programs provide the greatest decreases in financial losses. Companies without these controls experienced median fraud losses approximately 45% larger than those with the controls in place. The schemes also lasted almost twice as long.

Education is part of an effective fraud prevention program. Organizations with anti-fraud training programs for employees, managers, and executives have fewer losses and shorter duration of fraudulent schemes than those without these programs. Training includes what constitutes fraud, how it hurts everyone in the company, and how to report questionable activities.

Employee support programs to help employees struggling with addictions, mental or emotional health, family or financial problems are also associated with median loss reductions.

Surprise audits are an effective tool in the fight against fraud, yet less than 30% of victim organizations have them. Surprise audits’ most important benefit is psychological: they cause potential perpetrators to believe that they will be caught, and thus have a strong deterrent effect on embezzlers.

Additional internal controls include a separation and rotation of duties, mandatory vacations, protocols for writing, reconciling, and storing checks, proper documentation for payments and receipts, vendor verification, etc. Constant vigilance is essential.

Certain schemes are more prevalent in one industry and department than in others. Companies need to consider the specific fraud risks they face when deciding which controls to implement for fraud prevention and detection.

The Internal Revenue Service requires embezzlers to report embezzled funds as income in their annual tax filing. After returning the funds or paying restitution, the embezzler becomes eligible for a tax deduction. Failure to report embezzled funds as gross income can result in charges. The threat of dealing with the IRS should be a well publicized factor to deter would-be perpetrators from defrauding their organizations.

Median Loss and Duration of Schemes – Based on Presence of Anti-Fraud Controls

Anti-Fraud Control                        Loss with   Loss without   Duration with   Duration without
                                          Control     Control        Control         Control
Management Review                         $100,000    $185,000       14 months       24 months
Hotline                                   $100,000    $180,000       12 months       24 months
Employee Support Programs                 $100,000    $180,000       16 months       21 months
External Audit of ICOFR                   $120,000    $187,000       12 months       24 months
Fraud Training for Managers/Executives    $100,000    $158,000       12 months       24 months
Internal Audit/FE Department              $120,000    $180,000       13 months       24 months
Fraud Training for Employees              $100,000    $155,000       12 months       24 months
Job Rotation/Mandatory Vacation           $100,000    $150,000       9 months        24 months
Surprise Audits                           $100,000    $150,000       10 months       24 months
Anti-Fraud Policy                         $100,000    $150,000       12 months       24 months
Formal Fraud Risk Assessments             $100,000    $150,000       12 months       24 months
Rewards for Whistleblowers                $100,000    $145,000       9 months        22 months
Code of Conduct                           $120,000    $164,000       14 months       30 months
Independent Audit Committee               $125,000    $150,000       13 months       24 months
Management Certification of F/S           $138,000    $164,000       12 months       24 months
External Audit of F/S                     $140,000    $145,000       17 months       24 months

Early Warning Signs of Cash Misappropriation

• Decreasing ratio of cash to credit card sales.
• Increasing accounts receivable compared with cash.
• Delayed posting of accounts receivable payments.
• Credits against individual accounts receivable.
• Unexplained cash discrepancies.
• Altered or forged deposit slips.
• Customer billing and payment complaints.
• Increasing “soft” expenses, such as consulting.
• Employee home address matches a vendor’s address.
• Vendor address is a post office box or mail drop.
• Excessive voided, missing, or destroyed checks.

Embezzlement Prevention Checklist

The most cost-effective way to limit fraud losses is to prevent fraud from occurring. This checklist will help organizations test the effectiveness of their fraud prevention program.

1. Is ongoing anti-fraud training provided to all employees of the organization?
2. Is an effective fraud reporting mechanism (tip hotline) in place?
3. Is the management climate/tone at the top one of honesty and integrity?
4. Are fraud risk assessments performed to identify and mitigate the company’s vulnerabilities to internal and external fraud?
5. Are strong anti-fraud controls in place and operating effectively?
6. Does the internal audit department have adequate resources and authority to operate effectively and without undue influence from senior management?
7. Does the hiring policy include thorough fraud prevention controls?
8. Are employee support programs in place to assist employees struggling with addictions, mental/emotional health, family or financial problems?
9. Are employees allowed to speak freely about pressures, providing management the opportunity to alleviate such pressures before they become acute?

Resources

• 2010 - 2012 Marquet Report on Embezzlement
• 2010, 2012 Association of Certified Fraud Examiners “Report to the Nations”
• “Effective Solutions for Combating Employee Theft – Implementing and Managing a Fraud Hotline” by Donald L. Mullinax, ACFE 2004
• “Enemies Within” by Joseph Wells, ACFE 2001
• http://topics.law.cornell.edu/wex/embezzlement
• www.lawyershop.com
• www.onlinelawyersource.com
• See www.diversifiedriskmanagement.com

Page 19 • Abagnale Fraud Bulletin, Volume 12

Identity Theft – It Can Happen To You

Identity theft is motivated by financial rewards, the easiness of the crime, and the small chance of being caught. Here are several suggestions to reduce your risk of ID theft:

Social Security Number
1. Guard your Social Security number vigilantly.
2. Do not print your Social Security Number on your checks.
3. Review your Social Security Earnings and Benefits Statement annually and look for employers you didn’t work for.
4. Monitor your credit report. After applying for anything that requires a credit report, request that your SSN on the application be truncated or removed, and that your original credit report be shredded after a decision is made.

Internet / Computers
5. Make sure your computer is protected with Internet security software that is updated regularly.
6. Do not download anything from the Internet that you did not solicit.
7. Shop only on secure websites.
8. Avoid using a when shopping online.
9. Use a strong password.
10. When possible, choose to have a second-level password.
11. Never leave your laptop where you wouldn’t leave your baby….
12. Before donating your computer or cell phone to a recycling center, completely wipe out all confidential information. This requires special software.

Credit Cards
13. Shred anything with personal information on it. Use a crosscut or microcut shredder.
14. Never give your credit card number or personal information over the phone unless you initiated the call and trust that company.
15. When you are shopping or dining out, be aware of how salespeople or waiters handle your card.
16. Promptly examine the charges on credit card statements. Keep track of the billing cycles.
17. Minimize the number of credit cards you own.
18. Carry extra credit cards or other identity documents only when needed.
19. Shred the cards on unused credit card accounts. If you close an account, it may lower your credit score because of reduced credit availability.
20. Put a fraud alert tag on your credit report, which will limit a thief’s ability to open accounts in your name.

Bank Accounts/Checks/PINS
21. Use high security checks like those shown on Pages 14 – 16.
22. Do not mail checks from home.
23. When writing manual checks, use the uni-ball® 207 gel pen.
24. Use a strong PIN and protect it.

Miscellaneous
26. Be highly suspicious of unsolicited emails or letters that say you won money.
27. Remove your name from the marketing lists of the three credit reporting bureaus.
28. Add your name to the Name Deletion List of the Direct Marketing Association.
29. Subscribe to Privacy Guard or a similar service to alert you if your credit history is being requested.
30. Avoid ATMs that are not connected to a bank or a reputable business.
31. Protect your incoming mail by picking it up ASAP. If you will be away for a period of time, have your mail held at the post office.
32. Keep your purse or wallet in a locked drawer at work. Find out how the company protects your personal information, and who has access to your direct deposit information.
33. Photocopy and retain the contents of your wallet, both sides of each card.
34. Keep Social Security cards, birth certificates and passports in a locked box.
35. Read the privacy policies of the companies with whom you do business. Opt out of having your information shared.
36. Protect a dead relative. Contact the credit bureaus and put a “deceased” alert on the person’s reports.

If It Happens to You:

Even though you may take every possible precaution, identity theft can still happen to you. If it does:
• Report the crime to the police immediately and get a copy of the police report.
• Keep a record of all conversations with authorities, lending and financial institutions, including names, dates, and time of day.
• Call your credit card issuers immediately, and follow up with a letter and the police report.
• Notify your bank immediately.
• Call the fraud units of credit reporting agencies to place a fraud alert on your name and SSN.

Resources
• Equifax: 1-800-525-6285 www.equifax.com
• Experian: 1-888-397-3742 www.experian.com
• TransUnion: 1-800-680-7289 www.transunion.com
• Federal Trade Commission: 1-877-438-4338 www.ftc.gov
• Privacy Guard: 1-800-374-8273 www.privacyguard.com/frank
• Trace My ID: 1-877-309-6584 www.tracemyid.com
• Privacy Rights Clearinghouse: 1-619-298-3396 www.privacyrights.org
• Fight Identity Theft: www.fightidentitytheft.com
• Identity Theft Resource Center: 1-888-400-5530 www.idtheftcenter.org
• National White Collar Crime Center: 1-800-221-4424 www.nw3c.org
• Social Security Administration: 1-800-269-0271 www.socialsecurity.gov
• U.S. Postal Service: 1-877-876-2455 postalinspectors.uspis.gov

Page 20 • Abagnale Fraud Bulletin, Volume 12

Corporate Identity Theft

Corporate identity theft is the unauthorized use of a company’s name and information by criminals in order to illegally obtain money, goods, services and other benefits. Successful prosecution of personal identity theft has caused criminals to target companies instead, and the Internet makes it easy to create a fraudulent business that looks legitimate.

This new wave of crime can be more profitable to fraudsters than personal identity theft, and is expanding rapidly. Dun & Bradstreet has reported cases of corporate identity theft in at least 22 states, and the losses often reach a half-million dollars before the crime is discovered.

About 10% of all commercial credit losses are due to corporate identity theft, fraudulent companies, or similar criminal activities.

When banks or companies evaluate a business seeking credit, they look for evidence that a company is who it says it is and that it has the capacity to conduct its business.

This evidence is called “Proof of Right” and can be a financial statement, business address and telephone number, government license, credit history, etc. Each Proof of Right that can be verified increases a company’s legitimacy in the eyes of financial institutions or other credit-lending organizations.

There are various ways to demonstrate a fraudulent right of proof, opening up businesses to corporate identity theft. For example, criminals can gain access to a legitimate business identity and then alter company information, such as registered agents’ names and addresses, and use the falsified information to secure lines of credit with banks and retailers.

Corporate identity thieves will then often use that credit to purchase items that could be bought and exchanged for cash or easily sold. Once the fraudsters get the desired money and/or goods, they leave the legitimate business owners awash in debt, unaware that a crime has occurred…until creditors begin demanding payment.

Although no business is immune, fraudsters often target small and midsize companies because they have fewer legal and financial protections than larger corporations. Churches, family-owned businesses, and even inactive companies have also been targets of such fraud.

State governments are actively taking steps to help protect businesses, as much of the fraudulent right of proof activity occurs through criminals accessing government controlled and regulated information. However, the biggest challenge is alerting businesses to this new type of crime and motivating them to use available protections. These protections include using better passwords and dual authentication controls, and checking their filings regularly.

A balance exists between making it easy to do business with legitimate corporations and protecting those corporations from criminal activity. Businesses that have been duped are understandably reluctant to make the deception public, so additional partnerships are needed between the private and public sectors in fighting this crime.

Resources

Dun & Bradstreet, Bloomberg BusinessWeek, The Council of State Governments

Small Business – Fraud Prevention

Small businesses (fewer than 100 employees) are victimized by embezzlement more frequently than larger organizations and suffer disproportionately larger median losses. They are far less able to absorb these losses, and many have gone bankrupt or were severely crippled.

Small businesses typically have fewer resources than large companies, which often means they have fewer and less-effective anti-fraud controls in place, making them more vulnerable to fraud. An almost complete lack of controls was the most frequently cited factor in 45% of embezzlement cases in small organizations.

Although some controls require significant resources and most likely would not provide an appropriate cost/benefit balance, other anti-fraud measures can be implemented for a minor cost and could significantly increase the ability to prevent and detect fraud. These controls include a code of conduct, anti-fraud training programs and formal management review of controls and processes. Also, check tampering in small businesses was three times more likely than in large organizations, and could be thwarted with high security checks. See Pages 4, 5, 14 – 17.

Shredding Documents

Shred anything with your personal information on it before throwing it away. It is best to use a crosscut or a microcut shredder. A crosscut shredder will cut the paper into tiny squares. A microcut shredder will turn the papers into confetti. Paper that has been shredded with a straight shredder can be pieced back together, and criminals will have your personal information. Crosscut and microcut shredders can be found at most major office supply stores.

Books authored by Frank W. Abagnale
Available online at eRead.com or from local booksellers
Catch Me If You Can is also available on DVD

Page 21 • Abagnale Fraud Bulletin, Volume 12

Frank W. Abagnale

Frank W. Abagnale is one of the world’s most respected authorities on the subjects of forgery, embezzlement and secure documents. For over 35 years he has lectured to and consulted with hundreds of financial institutions, corporations and government agencies around the world.

Mr. Abagnale has been associated with the Federal Bureau of Investigation for over 30 years. He lectures extensively at the FBI Academy and for the field offices of the FBI. More than 14,000 financial institutions, corporations and law enforcement agencies use his fraud prevention materials. In 1998, he was selected as a distinguished member of “Pinnacle 400” by CNN Financial News. He is also the author and subject of Catch Me If You Can, a Steven Spielberg movie that starred Tom Hanks and Leonardo DiCaprio.

Mr. Abagnale believes that the punishment for fraud and the recovery of stolen funds are so rare that prevention is the only viable course of action.

SAFEChecks: The Check Fraud Prevention Specialists

SAFEChecks originated in 1994 as a division of a Southern California business bank battling an epidemic of check fraud. Over a three-year period, altered and counterfeit checks increased from $90,000 to over $3,000,000. Many of these checks were perfect replicas of its clients’ authentic checks.

To stem this epidemic, Greg Litster, then Senior Vice President and head of the bank’s Financial Services Division, retained fraud consultant Frank Abagnale, the world’s foremost authority on check fraud prevention. At the bank’s request, Mr. Abagnale designed SAFEChecks – America’s first truly affordable high security check designed for organizations of any size, including small and medium-sized companies. The bank strongly encouraged its clients to use these new checks, and over the next three years, check fraud attempts fell to $126,000, a drop of 95%.

Mr. Litster acquired the SAFEChecks operation from the bank in 1996, and is its President and CEO. SAFEChecks has continued to be a pioneer in check fraud prevention, and has clients of every type and size throughout the United States and Canada. Because of SAFEChecks’ extensive security features and unique Secure Ordering Procedures, our checks have never been replicated, nor has a check manufactured by SAFEChecks ever been used in a check fraud scam.

SAFEChecks offers high security business and personal checks, and secure check writing software that includes Positive Pay and ACH functionality. In addition, Mr. Litster provides fraud prevention educational seminars, consulting services, and expert witness services.

SAFEChecks “The Check Fraud Prevention Specialists” understands the serious nature and magnitude of check fraud. Because of SAFEChecks’ unique foundation in banking, we know the various methods criminals use to commit payment fraud. SAFEChecks has designed specific protocols and security features to thwart these fraud attempts. While no product, policy, or program can provide 100% protection, SAFEChecks helps organizations and individuals build the strongest possible defense against check fraud.

SAFEChecks: The Check Fraud Prevention Specialists
8934 Eton Avenue, Canoga Park, CA 91304
(800) 755-2265 Fax (800) 615-2265
www.safechecks.com
[email protected]

This brochure is provided for informational purposes only. SAFEChecks and the author, Frank W. Abagnale, assume no responsibility or liability for the specific applicability of the information provided. If you have legal questions regarding the enclosed material, please consult an attorney. Mr. Abagnale has no financial interest in SAFEChecks. SC0414