National Check Payments Certification Fraud, Risk and Risk Mitigation – Part I Copyright© 2015 by the Electronic Check Clearing House Organization NCP 2016 Exam Cycle Core Training Series Session 10
Jan 18, 2016
National Check Payments Certification
Fraud, Risk and Risk Mitigation – Part I
Copyright© 2015 by the Electronic Check Clearing House Organization
NCP 2016 Exam CycleCore Training Series
Session 10
2National Check Payments Certification
NOTICESThis training course may provide an introduction to or summary of various aspects of check payments and the legal and rules framework for check image exchange. Responsibility for compliance with image exchange rules, and/or the legal, operational and regulatory requirements applicable to check image exchange, remains at all times with the financial institution participating in check image exchange and/or the individual or company using a check image exchange service.
This presentation and the information contained herein is not intended as legal or compliance advice or recommendation to any person or company. This document could include technical inaccuracies or typographical errors and individual users are responsible for verifying any information found in this presentation and related “live” webinar or webinar playback. Financial institutions should consult with their legal counsel regarding legal and operational requirements applicable to any check image exchange program they may offer or in which they participate.
These materials may not be reproduced or published, in whole or in part, without the express permission of ECCHO.
Copyright© 2015 by the Electronic Check Clearing House Organization(Certain contributed content subject to third party copyrights)
3National Check Payments Certification
NCP Exam Registration Reminder
Register with ECCHO
online at: store.eccho.org
View detailed exam info
at: www.eccho.org/ncpc
• Free ECCHO / NCP study aids upon registration!– P.R.E.P. Guide: 300+ pages of information, training guide,
sample exam– Question of the Day: Summary available now
New daily question & detailed answer to prior day’s question
Email delivery beginning in January– NCP Roadmap – Direction on
establishing a personal study plan– JumpStart Reading Program – Links to
all references
• Exam Fees: $400 ECCHO member $500 non-ECCHO member– Not sure about membership?
Check current status at: www.eccho.org/membershipso Enter name in search box on left
4National Check Payments Certification
Session Topics
• Latest Fraud Studies• Types of Fraud• FFIEC and Remote Deposit Capture• RDC Risk Management
5National Check Payments Certification
Fraud Studies
• Trends in Payments Fraud–Check returns and losses declining–Similar results seen in recent industry studies
including: Federal Reserve’s triennial Payments Study (2013)ABA Deposit Account Fraud Survey (2013)
6
Unpaid Check Returns
• Since 2003: Check returns declined 66%– Decline of 50% just since 2009
Volu
mes
in M
illio
n /
Year
2003 2006 2009 20120
20
40
60
80
100
120
140
160
180
200 186.9
153
126.8
64
2003 2006 2009 20120.00%
0.05%
0.10%
0.15%
0.20%
0.25%
0.30%
0.35%
0.40%
0.45%
0.50%# Unpaid Cks Returned Return Rates
Source: The 2013 Federal Reserve Payments Study
.5%
.3%
7
Check Fraud TrendSource: 2013 ABA Deposit Account Fraud Survey
1997 1999 2001 2003 2006 2008 2010 2012$0
$100
$200
$300
$400
$500
$600
$700
$800
$900
$1,000
$s in
Mill
ion
/ Ye
ar
37% Decline in 5 years
2012 – Lowest amount since 1997
$648
$1,0
24
8National Check Payments Certification
Distribution of Fraud
• For payments fraud distribution, check payments showed both:– Lowest volume (3%); and – Smallest related $ amounts (16%)
Number of Transactions Value of Transactions
Cards92%
Cards65%
ACH 5%
ACH 19%Check 3%
Check 16%
Source: The 2013 Federal Reserve Payments Study
Types of Check Fraud
10National Check Payments Certification
Payments Fraud
• Fraud exists in all payments systems• Occurs when following elements exist:– Intentional untrue representation about an item,
fact or event–Untrue representation is believed by the victim–Victim relies upon and acts upon the untrue
representation–Victim suffers a loss of money and/or property as
a result of reliance on untrue representation
11National Check Payments Certification
Check Fraud
• Refers to a category of criminal acts that involve making the unlawful use of checks in order to illegally acquire funds that do not exist within the account balance or account holder's legal ownership
Source: www.uslegal.com
12National Check Payments Certification
Types of Check Fraud
• Altered / Counterfeit / Forged• Check Kiting• Identity Assumption• New Account / Closed Account • Telemarketing• Remotely Created Checks
13National Check Payments Certification
Altered Checks
• Amount fields altered–Courtesy amount (in numbers) and legal
amount (in words) do not match• Payee on check altered–Differences in ink or handwriting
• MICR line altered / damaged –Attempt to delay clearing or return
• Paper Check Security Options–Watermarks, copy/chemical “Void” and security
inks, etc.
14National Check Payments Certification
Counterfeit Checks
• Created by entity not authorized by account holder– Issued without account holder’s authorization–Presented based on fraudulent identification–May be drawn on valid accounts–Easier to do with increased technical capabilities
• Paper checks – common characteristics–Poor quality paper stock–Misspelled printed information–Check number ranges inconsistent/out-of-range–MICR line missing, skewed, not machine readable–Check number in wrong position on MICR line
15National Check Payments Certification
Forged Checks
• Counterfeit / Forged Check–Return within UCC midnight deadline–Example:
Perpetrator may be known to drawerBlank check(s) stolen and filled inDrawer’s signature is forgedCheck(s) are negotiated
–Option for “Rule 9” claim under ECCHO RulesTiming for breach of warranty claim applies
16National Check Payments Certification
Forged Checks
• Forged Indorsement–Check indorsed then cashed / deposited by someone
other than payee–Examples:
Check is payable to multiple partieso One party forges the indorsements of all payeeso Check is negotiated
Check is payable to a merchanto Different payee gets check (may be stolen), forges merchant’s
indorsemento Check is negotiated
• Warranty for adjustment–Up to three years based on UCC statute of limitations
17National Check Payments Certification
Check Kiting
• Opening accounts at two or more institutions and using “float time” of available funds to create fraudulent balances– Identified by use of uncollected funds and frequent
overdrafts– Customer creates continuous interchange of worthless
checks between two accountsCovers overdrafts at one bank with deposits of checks
creating overdrafts at another bank• Image exchange benefit– Faster clearing provides opportunity for more controls
Better reporting / activity monitoring to detect kiting suspects
18National Check Payments Certification
Identity Assumption
• Identity Theft: Using personal information about a bank’s customer to present items as a valid account holder• Schemes may involve– Changing account information– Creating fictitious transactions between
unsuspecting parties– Preparing checks drawn on valid accounts that are
subsequently presented using this false identification
19National Check Payments Certification
New Account Fraud
• Check fraud and identity theft on new accounts – Representative training is key–How many forms of ID do you require?• Flag newly-issued IDs
–Video account opening area
• Use of preventive tools from vendors– Early-Warning– Chex Systems– Credit Reporting Agencies
20National Check Payments Certification
Closed Account Fraud
• Closed Account Fraud– Checks being written against closed accounts• Invalid routing number or retired routing number• Generally relies on delay involved in interbank transactions
– “PaperHanging”: Customers purposely writing checks on closed accounts• Their own or others• May re-order checks on known closed accounts
• Prevent via review against nationally shared databases
21National Check Payments Certification
Telemarketing Fraud
• Based on creation of “demand drafts” rather than checks–Demand draft resembles personal check, but
carries no signature (unsigned draft)• In place of signature may state account holder has
given permission to have money withdrawn from account to pay bill for goods or services; • May state “Signature on File” or similar language
– Know Your Customer (KYC) before accepting
22National Check Payments Certification
Remotely Created Checks
• 2005 amendment to Reg CC defined "remotely created checks" – Included transfer and presentment warranties
[Section 229.34(d)] for RCCs
• Shifted liability for unauthorized remotely created check to entity that created it–Generally depositary bank (BOFD)–Warranties apply if remotely created check has
been reconverted to substitute check
23National Check Payments Certification
Altered vs. Counterfeit
• Under current check law responsibility for fraud allocated between Depositary (BOFD) Paying Bank• Paying Bank liability minimized if check is
altered–BOFD warrants check is “not altered”
Three years to make claim under UCC• BOFD liability minimized if check is counterfeit –Paying Bank has burden to catch fraudulent item–Must make return decision by the UCC midnight
deadline
24National Check Payments Certification
Altered vs. Counterfeit• Why is this more difficult today?• Check 21 changed check collection processes– Image exchange environment changes ability to identify altered
versus counterfeit items–Original items imaged and destroyed
Banks may retain only digitized electronic copy–When only image is available traditional check security features
not effective protectionMay be difficult to determine whether item is
“altered vs. counterfeit” from only electronic image• Court rulings to date inconsistent–No precedence creates uncertainty for banks
Some courts have ruled disputed item is “counterfeit”Other courts have ruled disputed item is “altered”
25National Check Payments Certification
Altered vs. Counterfeit
• ECCHO Rules updated to provide uniform rule regarding “presumption of alteration” –Applies to dispute of item exchanged as image
under the rules• Establishes evidentiary presumption of
alteration of Related Physical Check–Does not alter transfer and presentment
warranties under UCC–Does not alter process members may otherwise
seek
26National Check Payments Certification
Fraud Preventive Measures
• Know Your Customer• Teller training • Full extent prosecution • Products/Technology/Operational Controls–Positive Pay other ARP products–Daily reconciliation–Internal controls
Separation of duties, staff training, etc–Account debit blocks–Timely check return
27National Check Payments Certification
Image Security Measures
• Image Analysis Function–Electronically verify writings on a check–Can be used to verify:
SignaturePayee line informationOther check information such as:
oBank nameoDateoAmountoCheck number
28National Check Payments Certification
Image Security Measures • Image-survivable Check Security Features (ICSF)– Benefit: Features remain effective after imaging– Uses various techniques and security mark on check to
automatically validate selected fields– Example:
Commercial check issued with ICSF information printedValidated /compared to validate information such as Payee name or
amount• Security Feature Interoperability– Features validated by presence/absence on check
Feature is present: Check is validFeature is not present: Check may be fraud suspect
• Flexible framework allows exchange of validation information– Interoperable processing may use variety of scanning equipment
FFIEC and Remote Deposit Capture Risk
30National Check Payments Certification
FFIEC Guidance
• Federal Financial Institutions Examination Council– Prescribes uniform principles, standards, and report
forms for the federal examination of financial institutions by:• Board of Governors of the Federal Reserve System (FRB)• Federal Deposit Insurance Corporation (FDIC)• National Credit Union Administration (NCUA)• Office of the Comptroller of the Currency (OCC)• Consumer Financial Protection Bureau (CFPB)
• Make recommendations to promote uniformity in the supervision of financial institutions
31National Check Payments Certification
FFIEC Guidance
• Created jointly by the federal bank regulatory agencies– Administered/enforced under supervisory authority of the
agencies– Not itself a “regulation” – Guides bank examiners during examination process
• Designed to help financial institutions:– Identify risks– Evaluate adequacy of controls and risk management
practices• Guidance and Remote Deposit Capture–Outlines considerations for identifying and assessing new
delivery system risksKey to managing risk with RDC
32National Check Payments Certification
FFIEC Guidance
• Publications released to date (will cover on next few slides):–Supplement to Authentication in an Internet Banking
Environment (Oct-2005)–Supervisory Guidance for Remote Deposit Capture (Jan-
2009)–Retail Payment Systems booklet (Feb-2010)–Supplemental Guidance on Internet Banking
Authentication(Jun-2011)
• Additional FFIEC guidance available on website: www.ffiec.gov
33National Check Payments Certification
FFIEC Risk Guidance• Supervisory Guidance for Remote Deposit Capture– Released January 2009– Addresses necessary elements of RDC risk management in electronic
environment– Focuses on RDC deployed at customer location
• Supplemental Guidance on Internet Banking Authentication– Released June 2011– Provides risk management framework for financial institutions offering
Internet based products and services with emphasis on:‐Need for layered securityPeriodic risk assessmentsAdjustment in response to changing internal and external threats
– Includes requirement of enhanced controls for users with admin rights• Mobile Banking mentioned– Guidelines do not explicitly address mobile RDC– Anticipate specific mRDC guidelines in future
34National Check Payments Certification
RDC and Risk• Remote Deposit Capture is a transaction delivery system – Customers deposit items electronically from remote locations
• Risk of duplicate items– Image of item deposited via RDC– Original item then cashed or deposited creating the duplicate– Similar risks for both merchant and consumer capture
• Consider restrictive indorsements or “franking”– Indorsements: “For Deposit Only”, with bank name, account number,
signature– Franking: “Electronically Presented”, “Processed” or similar language on front
of original check• Warranties protect Paying Bank against paying an item they already paid
(duplicates)– Similar warranties in Fed and private sector rules
ECCHO RulesReg CC (for substitute check)Fed OC3 and Regulation JNACHA Rules
35National Check Payments Certification
RDC Risk Assessment
• Prior to implementing RDC, senior management should complete a comprehensive risk assessment
• Identify and assess following risks associated with new system:– Legal– Compliance– Reputational– Operational
• Ensure RDC is compatible with institution’s business strategies– Understand the return on investment– Assess management’s ability to manage the risks– Incorporate assessments of RDC systems, including related products and
services, into existing risk assessment processes
• Establish RDC Risk Management Policy– Published policy outlining ability to manage risks inherent in RDC
36National Check Payments Certification
RDC – Risk Mitigation
• Understand FFIEC Guidance–RDC customer agreements
Follow “Know Your Customer” guidelines–Staff training and procedures
Examine checks for:o Stale dateso Stamps or other information indicating item previously
indorsed, deposited
–Utilize technology for duplicate detection and prevention
37National Check Payments Certification
RDC – Risk Mitigation
• Legal and Compliance Risks–Outlines risks under Check 21, Reg CC, Reg J, UCC (or other
state laws) and risks under any agreements or clearinghouse rulesExample: “No double debit” warranties for duplicates
– Impacts related to various routing optionsDepending on channel used may have:
o Separate rules and liabilities by channelo Legal/ regulatory requirements, timeframes for processing
–Bank Secrecy Act (BSA) laws and regulations–Anti-Money Laundering (AML) laws and regulations
Suspicious activity monitoring and reporting (SARS)–Foreign correspondent/ location and high-risk customer
access to RDC
38National Check Payments Certification
RDC – Risk Mitigation
• Operational Risks–Ensure appropriate policies, procedures, and
other risk mitigation controls in placePhysical and logical access to:
oOriginal checkso Scanning equipmentoCustomer information
Original item retention at customer locationsElectronic file access/controlsCustomer non-public personal information security
39National Check Payments Certification
Risk Management• Mitigation and Controls– Scope of what will be implemented
• Customer Due Diligence / Suitability– Type of customer– Risk associated with customer
• Vendor Due Diligence / Suitability– Application / Equipment– Vendor management considerations– Training / support
• Other Areas to Consider– RDC Training for Customers– Contracts and Agreements (Customer and Vendor)– Business continuity– Information security– Separation of duties and controls
40National Check Payments Certification
Risk Management
• RDC Agreements–Strong, well-constructed contracts and customer
agreements critical in mitigating risksLegal counsel should help develop
–Establish control requirements identified during risk assessment process Define consequences of noncompliance
–Pass back to customer those risks that are out of bank’s control–Authority of financial institution to:
Mandate customer controlsAudit customer operationsRequest additional informationTerminate the RDC relationship
41National Check Payments Certification
Risk Management• RDC Agreement Provisions– Customer technology infrastructure requirements– Eligible items, processes/ procedures, performance standards– Retention, security and destruction of checks
Requirements for handling original items and electronic record data– Repair considerations
Accurately represent entire MICR lineConsiderations if manual operator keying occursConsiderations for MICR repair handled by merchants using RDC
–Warranty claims (encoding errors) – Indemnity claims (better image or original item)–Governing laws, regulations, and rules
Funds availability, collateral, collected funds requirements
42National Check Payments Certification
Measuring / Monitoring• Develop and implement risk measuring and monitoring systems for
effective oversight of RDC activities– Financial institution oversight involves regularly reviewing the reports; and – Periodically conducting reviews and operational risk assessments
• File monitoring– Develop systems needed for oversight of RDC activities
• Customer monitoring– Ensure Customer in compliance with operational risk monitoring processes
• Performance measuring/management– Reporting to Senior Management and Board– Transactions reporting
Files / items / dollars via RDC– Errors and/or questionable activities– Duplicate entries– Rejects and corrections– Violation of deposit thresholds, etc.
43National Check Payments Certification
Summary
• Know the FFIEC Guidance• Know Your Customer (KYC)• Customer and Vendor Selection• Strong Agreements–Customer and Vendor
• Know and Anticipate the Risks–Legal / Compliance risks–Reputational risks–Operational risks
• Measure / Monitor / Review Reports
44National Check Payments Certification
Questions
??? ?? ?
45National Check Payments Certification
Recommended Resources
• FFIEC References:– FFIEC - Retail Payment Systems Feb-2010:
http://ithandbook.ffiec.gov/it-booklets/retail-payment-systems.aspx
– FFIEC - Supervisory Guidance for Remote Deposit Capture 1/14/2009: http://www.ffiec.gov/pdf/pr011409_rdc_guidance.pdf
– FFIEC – Supplement to Authentication in an Internet Banking Environment – Oct-2005: http://www.ffiec.gov/pdf/Auth-ITS-Final%206-22-11%20%28FFIEC%20Formated%29.pdf
• RemoteDepositCapture.com: http://www.remotedepositcapture.com/Home.aspx
Thank You!Electronic Check Clearing House Organization
3710 Rawlins Street; Suite 1075Dallas, Texas 75219
NOTICEThis NCPC Program document contains copyrighted materials of its publisher.
These materials may not be reproduced or published, in whole or in part, without the express permission of ECCHO
Copyright© 2015 by the Electronic Check Clearing House Organization
Ellen Heffner, NCPDirector and Education Manager
Fraud, Risk and Risk Mitigation – Part I