Protecting Your Organization Against Check and ACH Fraud

Post on 13-Sep-2014

DESCRIPTION

Webinar series from FraudResourceNet LLC on Preventing and Detecting Fraud in a High Crime Climate. Recordings of these Webinars are available for purchase from our Website. This Webinar focused on the subject in the title. FraudResourceNet (FRN) is the only searchable portal of practical, expert fraud prevention, detection and audit information on the Web. FRN combines the high quality, authoritative anti-fraud and audit content from the leading providers, AuditNet® LLC and White-Collar Crime 101 LLC/FraudAware. The two entities designed FRN as the “go-to”, easy-to-use source of “how-to” fraud prevention, detection, audit and investigation templates, guidelines, policies, training programs (recorded no CPE and live with CPE) and articles from leading subject matter experts. FRN is a continuously expanding and improving resource, offering auditors, fraud examiners, controllers, investigators and accountants a content-rich source of cutting-edge anti-fraud tools and techniques they will want to refer to again and again.

TRANSCRIPT

Protecting Your Organization Against Check and ACH Fraud

March 6, 2013

Special Guest Presenter: Paul McCormack, CFE

Connectics

Copyright © 2013 FraudResourceNet™ LLC

About Peter Goldmann, MSc., CFE

President and Founder of White Collar Crime 101

Publisher of White-Collar Crime Fighter

Developer of FraudAware® Anti-Fraud Training

Monthly Columnist, The Fraud Examiner, ACFE Newsletter

Member of Editorial Advisory Board, ACFE

Author of “Fraud in the Markets”

Explains how fraud fueled the financial crisis.

About Jim Kaplan, MSc, CIA, CFE

President and Founder of AuditNet®, the global resource for auditors

Auditor, Web Site Guru, Internet for Auditors Pioneer

Recipient of the IIA’s 2007 Bradford Cadmus Memorial Award.

Author of “The Auditor’s Guide to Internet Resources” 2nd Edition

Paul McCormack, CFE

17 years of fraud, litigation and business consulting experience

Worked directly with agents from federal, state and local law enforcement agencies including the F.B.I., G.B.I., D.E.A., and the Secret Service

Previously managed check fraud detection for SunTrust Banks

Webinar Housekeeping

This webinar and its material are the property of AuditNet® and FraudAware®. Unauthorized usage or recording of this webinar or any of its material is strictly forbidden. We will be recording the webinar and you will be provided access to that recording within five business days after the webinar. Downloading or otherwise duplicating the webinar recording is expressly prohibited.

Please complete the evaluation to help us continuously improve our Webinars.

You must answer the polling questions to qualify for CPE per NASBA.

Submit questions via the chat box on your screen and we will answer them either during or at the conclusion.

If GTW stops working you may need to close and restart. You can always dial in and listen and follow along with the handout.

Disclaimers

The views expressed by the presenters do not necessarily represent the views, positions, or opinions of FraudResourceNet LLC or the presenters’ respective organizations. These materials, and the oral presentation accompanying them, are for educational purposes only and do not constitute accounting or legal advice or create an accountant-client relationship.

Any mention of commercial products is for information only; it does not imply recommendation or endorsement by FraudResourceNet LLC

Today’s Agenda

Introduction

Fraud Statistics

Auditor’s Role in Fraud Detection

Check & ACH Fraud Statistics

Main Types of Check Fraud

Red Flags of Check Fraud

How ACH Fraud Occurs

Red Flags of ACH Fraud

Detecting Check and ACH Fraud

Prevention/Control Measures

Conclusion

Questions

The Auditor’s Role

IPPF Standard 1210.A3: Internal auditors must have sufficient knowledge of…available technology-based audit techniques to perform their assigned work

Fraud: The Big Picture

According to major accounting firms, professional fraud examiners and law enforcement:

Fraud jumps significantly during tough economic times

Business losses due to fraud increased 20% in last 12 months, from $1.4 million to $1.7 million per billion dollars of sales. (Kroll 2010/2011 Global Fraud Report)

Average cost for each incident of fraud is $160,000 (ACFE)

Of Financial Statement fraud: $2 million

Approx. 60% of corporate fraud committed by insiders (PwC)

Approx. 50% of employees who commit fraud have been with their employers for over 5 years (ACFE)

Check & ACH Fraud Facts

Checks continue to be the dominant payment form targeted by fraudsters

85 percent of companies surveyed reported that checks were targeted

The typical loss associated with payment fraud is $19,200

Most organizations do not automatically change out affected bank accounts associated with payments fraud

Seventy-four percent of organizations maintain separate accounts for different payment methods and types

Source: 2012 AFP Payments Fraud and Control Survey

Check & ACH Fraud Facts

Electronic check conversion services continue to experience a very low incidence of fraud (2%), making this service a good choice in helping minimize instances of check fraud.

17% of organizations that were targets of ACH fraud during 2011 suffered a financial loss as a result of such fraud

Positive pay, ACH filters and daily reconciliations are among the methods used to identify exception items that may include fraudulent transactions as well as errors and other rejects due to administrative issues

Source: 2012 AFP Payments Fraud and Control Survey

Check & ACH Fraud Facts

The most common reasons victim organizations are financially responsible for the losses sustained from ACH fraud include:

Not reconciling accounts on a timely basis

Not using ACH debit blocks or ACH debit filters

ACH return not being timely

Not using ACH positive pay

Source: 2012 AFP Payments Fraud and Control Survey

Polling Question 1

The majority of organizations targeted by ACH fraudsters suffer a financial loss.

A. True

B. False

Main Types of Check Fraud

Alterations – Chemicals remove or alter the original information inscribed on a check (for example, the payee, the amount, etc.).

Counterfeit – Check was never issued by the organization; it is a copy (the quality can vary significantly). Check is negotiated and ultimately debited against the organization’s account.

Main Types of Check Fraud (cont)

Forged Endorsements / Signatures – Checks are stolen and then endorsed by someone other than the payee that the organization intended to receive the funds. An employee can also steal blank checks and forge an official signature.

Closed account fraud – Checks written against accounts that are closed and contain no funds

Main Types of Check Fraud (cont)

Kiting - Kiting of funds involves writing checks against deposits that have not cleared. Money appears in two accounts - temporarily

Account takeover – Cyber-fraudster typically steals banking credentials by planting “malware” on target user’s computer. Almost immediately, wires, ACHs and occasionally checks are created. Once the money leaves the account it is laundered through a series of transactions making recovery of the funds all but impossible.

Check Fraud Red Flags

Checks are presented out-of-sequence

Bank’s fraud department routinely calls to verify check fraud suspects

Vendors complain about missing check payments

Canceled check endorsements are illegible or inconsistent

Payees appear to have been altered or do not appear to be business-related

Check Fraud Red Flags

Check contains misspellings, typos, and grammatical errors, or doesn't have a watermark.

Routing transit number (RTN) or ABA number at bottom of the check doesn't accurately include the two sets of numbers on the upper right corner next to the check number. (The RTN or ABA number is the nine-digit code on the bottom of the check).

First three numbers indicate the state and district office of the issuer. These numbers don't coincide on altered checks.

Case Study #1

Kathleen Prince, the former bookkeeper / accountant for the Inner Circle Foster Family Agency, received a sentence of 41 months for taking $708,924 from her employer for her personal use.

Prince made checks payable to herself as well as her creditors. She used the funds to pay her personal credit card bills, cell phone bills, and her mortgage. She also used the proceeds from the fraud to pay for a vacation to Hawaii.

To conceal the fraud from the board of directors, Prince altered the agency's accounting records and misrepresented the organization's health to the board of directors.

Case Study #1 – Lessons Learned

Check fraud is prevalent in all types of organizations. Charitable organizations are particularly vulnerable as they are unable or unwilling to invest in additional controls or oversight to prevent it.

If the board of directors allows a bookkeeper to control multiple elements of the payment, recording and reconciliation processes, the probability that fraud will take place rises dramatically.

Polling Question 2

Writing checks against deposits that have not cleared is a definition of

A. Check alterations

B. Closed account fraud

C. Kiting

D. Account takeover

E.

Case Study #2

Karen Febles, a former New York bank employee, was charged with stealing $1.8 million from a retired employee of the bank while tasked with managing his personal and professional finances. Between 2007 and 2011, Febles allegedly altered checks for higher amounts that had previously been signed by the account holder.

Febles purchased a Range Rover with $52,720 in cash, a Mercedes-Benz with $34,650 in cash, spent approximately $45,000 on vacation cruises, more than $100,000 on real estate, more than $20,000 on other car payments and more than $20,000 on personal expenses.

Continued …

Case Study #2 – Prevention Lessons

In addition to monitoring employee activities, all organizations should have software in place that monitors customer as well as employee account activity. Employees often mistakenly believe that they can use their personal bank accounts to conduct fraud unobserved.

Febles spent considerable funds on cars, vacations and real estate. It is possible that a fellow employee may have suspected that Febles was committing fraud.

Key: If you have not done so already, deploy an anonymous hotline that employees can use to report concerns regarding employees, vendors and customers.

Failure to implement Segregation of Duties can be costly

Polling Question 3

Choose all of the following that could be red flags of check fraud:

A. Vendors complain about missing check payments

B. Canceled check endorsements are illegible or inconsistent

C. Payee name contains a typo

D. Payees appear to have been altered or do not appear to be business-related

A.

How ACH Fraud Occurs

Very easily!

Need two pieces of data – routing number and bank account number = Corporate account ID theft

Transaction is initiated by fraudster via an Originating Depository Financial Institution (ODFI)

ODFI “batches” transactions, which are delivered via a clearing house to the Receiving Depository Financial Institution (RDFI)

RDFI posts transactions to customer accounts

Account holder is unaware of transaction until ACH debit appears in account

ACH Fraud Red Flags

Accounts are experiencing a significant increase in ACH debits (payroll accounts are especially vulnerable)

Unexplained ACH debits for small amounts from unknown vendors

Bank’s fraud department calls to confirm ACH debits

Accounting personnel are unable to reconcile all debit activity in organization accounts

ACH Fraud Notification

Consumers have 60 days to notify their bank. Corporate accounts have 2 days!

Important: It is crucial that all accounts are reconciled on a daily basis

Banks routinely deny return requests outside of the 2 day window

Banks will enter litigation to defend their decision

Case Study #3 – ACH Fraud

Mary Harris, a former treasury analyst for Central Parking Corporation, pleaded guilty to her role in a $1.9 million embezzlement.

Harris admitted that in her position she had access to organization bank accounts and the Automated Clearing House (“ACH”) system. Harris processed approximately 200 ACH transactions that deposited funds in her own bank account or the bank accounts of her relatives.

Harris concealed the fraud by making accounting entries in Central Parking’s accounting ledger and creating false emails to support the entries.

Case Study #3 – Lesson Learned

A fraudster only needs two pieces of data - your bank’s routing number and the account number

Payroll accounts are often the destination for fraudulent ACH transactions as the routing number and account number are widely circulated

If your organization’s bank accounts see a significant increase in ACH debits, fraudsters may be testing your ability to detect fraudulent transactions before unleashing a number of debits

Case Study #3 – Prevention Lessons

Don’t ignore calls from your bank’s fraud department. They have considerable “behind the scenes” information regarding what a fraudulent ACH debit looks like

If you cannot reconcile all debit activity in your organization’s accounts, look for reasons for the un-reconciled amounts

Case Study #3 – Prevention Lessons (continued)

Companies only have 2 days to notify their bank of a fraudulent ACH. Notify them immediately once detected

Given the short time period within which your organization is required to notify the bank, all accounts should be reconciled on a daily basis. Failure to do so will result in automatic denial of any fraud claims made

Banks will often pursue litigation to defend their decision to deny the fraud claim

Case Study #3 – Prevention Lessons (continued)

Since employees most often unwittingly provide fraudsters with the information they need to commit ACH fraud (bank account number & routing number), educate your employees on the dangers of ACH fraud. Helpful: Your bank will likely be able to provide examples of fraudulent phishing emails that criminals have used in the past

Pay attention to ACH fraud cases in the news. Consider whether a similar fraud could take place at your organization.

Designate one computer for all online banking transactions including ACH and wire

Case Study #3 – Prevention Lessons (continued)

Ensure that all of your organization’s computers have robust anti-virus software installed that is kept up to date automatically (no manual intervention to accept update)

Task your organization’s IT department with conducting frequent reviews of the computer designated for online banking to ensure that it remains virus free

To avoid complacency as well as the threat of employee fraud, rotate responsibility for ACH transactions every 6 months

Polling Question 4

Commercial accounts have ______ days to inform the bank of an ACH fraud

A. 60

B. 30

C. 2

D. 10

E.

Check & ACH Anti-Fraud Tools

Positive pay and reverse positive pay

Positive pay – Bank will only pay Checks & ACHs that you provide

Reverse positive pay – Bank sends list of Checks & ACHs presented. Your staff reviews payment register to accept or reject

Check & ACH blocks – nothing can be debited

Check & ACH filters – select list of ACH debits allowed (approved companies)

Signature verification – check signatures are reviewed by bank (A service you must pay for to have specific checks reviewed prior to payment).

Dual control for online transactions – two levels of approval

Account alerts – flags unusual transactions
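
An added example (not from the webinar) of how positive pay and an ACH filter reduce to a matching step: the issued-check register and an approved-originator list are compared against the items the bank reports as presented. All names, amounts and dates are constructed; the 2-day return window is the figure the slides give, counted here in calendar days as an assumption.

```python
from datetime import date

# Constructed sample data. Amounts are integer cents to avoid float rounding.
ISSUED = {                      # issued-check register sent to the bank
    1001: ("Acme Supply", 125000),
    1002: ("City Utilities", 31045),
    1003: ("Delta Freight", 98000),
}
PRESENTED_CHECKS = [            # items the bank reports as presented
    (1001, "Acme Supply", 125000),
    (1002, "City Utilities", 331045),   # amount altered
    (1003, "J. Doe", 98000),            # payee altered
    (1001, "Acme Supply", 125000),      # already-paid check presented again
    (2417, "Acme Supply", 40000),       # number never issued
]
APPROVED_ORIGINATORS = {"PAYROLLCO", "STATE TAX"}   # ACH filter allow list
ACH_DEBITS = [                  # (originator, cents, date posted)
    ("PAYROLLCO", 1825000, date(2013, 3, 4)),
    ("UNKNOWN VENDOR", 137, date(2013, 3, 4)),      # small test debit
    ("UNKNOWN VENDOR", 498000, date(2013, 3, 1)),
]
RETURN_WINDOW_DAYS = 2          # figure from the slides; calendar days assumed


def check_exceptions(issued, presented):
    """Positive-pay match: return (check_no, reason) for each item to reject."""
    paid, exceptions = set(), []
    for number, payee, cents in presented:
        if number not in issued:
            exceptions.append((number, "not issued"))
            continue
        expected_payee, expected_cents = issued[number]
        if number in paid:
            exceptions.append((number, "duplicate presentment"))
        elif cents != expected_cents:
            exceptions.append((number, "amount mismatch"))
        elif payee.strip().lower() != expected_payee.lower():
            exceptions.append((number, "payee mismatch"))
        else:
            paid.add(number)
    return exceptions


def ach_exceptions(debits, approved, review_date, window=RETURN_WINDOW_DAYS):
    """ACH filter: flag debits from originators that are not on the allow list.

    Each result is (originator, cents, days_left, window_missed), where
    days_left is how much of the return window remains on review_date.
    """
    exceptions = []
    for originator, cents, posted in debits:
        if originator in approved:
            continue
        days_left = window - (review_date - posted).days
        exceptions.append((originator, cents, max(days_left, 0), days_left < 0))
    return exceptions


if __name__ == "__main__":
    for item in check_exceptions(ISSUED, PRESENTED_CHECKS):
        print("CHECK", item)
    for item in ach_exceptions(ACH_DEBITS, APPROVED_ORIGINATORS, date(2013, 3, 5)):
        print("ACH  ", item)
```

Run daily, the second report shows why late reconciliation is costly: the debit posted on 1 March is already outside the window when reviewed on 5 March.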

Fraud Prevention – Bank Perspective

Bank must authenticate user as being authorized to access account and initiate transactions

The customer must act in an abnormal manner to be flagged

Transactions that are initiated are consistent with previous transactions, or companies of a similar size

Bank must do all of this while facilitating business for entire customer base

The bank and the corporate customer must work together

What tools does your bank have to detect Check & ACH fraud?

How will they notify you of suspected fraud?

Has your bank “missed” Check & ACH fraud in the past?

Relying exclusively on your bank to prevent Check & ACH fraud will result in fraud

Case Study #4 – ACH Fraud

Patricia K. Smith, former controller for Baierl Acura, pleaded guilty to taking $10.2 million from the dealership over a 7-year period. Smith moved money from the dealership's business accounts to her personal account using over 800 Automated Clearing House (ACH) transfers. Smith used the proceeds to fund:

$1.8 million billed to American Express for private jet charters

$44,500 Super Bowl XLV

$32,500 for a luncheon for six people prepared by Ina Garten

$5,000 for "The Vatican Package," which included Mass in Papal Audience

$2,500 for a Phantom of the Opera experience, including costume fitting, wig fitting, an escort onstage during the Hannibal Opera sequence, and four seats for the performance.

Case Study #4 – Prevention Lessons (continued)

A bookkeeper or controller should never be trusted without verification in place to ensure that they are performing their job. Their work should periodically be reviewed by their manager on at least a monthly basis. From time to time, consider engaging a CPA to conduct a review or audit of their work.

Assuming that your organization's bank will detect and prevent embezzlement is a risky assumption. In the bank's defense, since Smith was an authorized user of the ACH system, it is difficult for the bank to uncover unusual activity in a sea of regular business transactions.

Check & ACH Fraud Prevention Wrap-Up

Educate employees on ACH & Check fraud

Reverse engineer Check and ACH fraud in the news

Provide examples of fraudulent emails used to capture login information - What to look for in a fake website

Consider designating one computer for online banking

Robust anti-virus software that is up to date

Frequent reviews of computer to ensure virus free

Meet with your bank to understand Check & ACH fraud detection and prevention capabilities

Check & ACH Fraud Prevention Wrap Up

Implement robust controls regarding the ordering, receipt and storage of check stock

Perform timely bank account reconciliations

Mail all checks as soon as they are signed

Enhance the “perception of detection”

Check & ACH Fraud Prevention Wrap Up

Segregate duties so that more than one employee is involved in the issuance, recording and reconciliation of payments

Deploy an anonymous employee hotline

Don’t rely upon your bank to uncover embezzlement

Rotate employees involved in the payment process frequently

Mandate that employees use their allotted vacation

Polling Question 5

Choose all of the following that are effective prevention measures against check and ACH fraud…

A. Implement robust controls regarding the ordering, receipt and storage of check stock

B. Perform timely bank account reconciliations

C. Mail all checks as soon as they are signed

D. Enhance the “perception of detection”

Questions?

Any Questions? Don’t be Shy!

Thank You!

Website: http://www.fraudresourcenet.com

Jim Kaplan

FraudResourceNet™

800-385-1625 [email protected]

Peter Goldmann

FraudResourceNet™

[email protected]

Paul McCormack [email protected]