fraud prevention strategies at georgia tech georgia institute of technology accounting services...

Fraud Prevention Strategies at Georgia Tech

Georgia Institute of Technology Accounting Services Department

Did You Know?

•Your drawee bank does not have to immediately reimburse stolen funds prior to the resolution of a fraud investigation?


Uniform Commercial Code (UCC) Changes(Articles 3 and 4 rewritten in 1990)

Changed long-held premise that banks were solely responsible for losses resulting from fraudulent checks.

Liability for check fraud can now more easily be apportioned between banks and clients relative to a determination of fault

Company and drawee bank must exercise “ordinary care” – adherence to reasonable commercial standards

Negligence on the part of either party may make it liable for part or all of the losses resulting from check fraud

For questions and interpretations of the UCC, companies are directed to their own legal advisor. This presentation is not intended to offer legal advice.


Forms of Fraud Forged check signatures

– Usually involve the use of legitimate blank checks, with a false imitation of the payor signature on the signature line

Forged check endorsements– Often involve the theft of valid checks which are then endorsed and

cashed or deposited by someone other than the payee Counterfeit checks

– Exact imitations of genuine checks can be created with readily available desktop publishing capabilities

– The fastest source of fraudulent checks Altered checks

– Are defined as valid check stock with certain fields changed Electronic Fraud

– As ACH transactions increase, companies must ensure that they are not victims of the newest type of fraud -- unauthorized ACH transactions


Why Is Fraud Getting Easier for Criminals?

Sheer volume– 49.1 billion checks issued annually– 30 billion electronic payments initiated annually

Technology – Inexpensive software that creates reproductions of documents,

including checks– Laser printers

Banks’ compliance with Reg CC to make funds available– Within one day for certain types of checks– Two days for checks drawn on a local bank– No longer than five days for non-local deposits

Banks’ compliance with Reg CC to return checks – Within 24 hours of settlement items must be identified (by client) and

returned (by FI) to the Bank of first deposit Banks’ compliance with NACHA Rules and Regulations for unauthorized

entries return– 60 days to recuperate electronic fraud from consumer transactions– Only 24 hours to return a fraudulent item from a business to

business transaction


Secure Check Stockused by Payroll and A/P

Printing Contributions: Prismatic Printing

– 2 color prismatic printing of step and repeat pantograph on face, frustrates attempts at color copying

Backprinted Pantographs– 2 color step and repeat pantograph on back is also difficult to copy

(Payroll only) Warning bands

– Alerts cashier to look for colored background, watermark and visible fibers in the paper (Payroll only)

Paper Contributions: Optically Dead

– Will not fluoresce under black light Bleach Reactivity

– If alteration with bleach is attempted, a brown stain appears Polar Solvent Reactivity

– If alteration with polar solvents is attempted, a blue stain appears


Secure Check Stock Payroll and Accounts PayablePaper Contributions (continued): Non-Polar Solvent Reactivity

– If alteration with non-polar solvents is attempted, a blue-black stain appears

Acid Reaction– If alteration with acid is attempted, a pink stain appears

Base Reaction– If alteration with base is attempted, a blue-green stain appears

Invisible Fibers– Fluoresces yellow under black light

Visible Fibers– Both green and red fibers are visible to the naked eye

Watermark– When held up to light, a watermark is visible (cross-hatched

pattern) Toner Grip

– Fuses toner to paper, attempt to scrape or lift toner from sheet will result in obvious destruction of paper fibers


What Are Banks Doing about Fraud? Establishing new account procedures Investing in technology to catch fraud at earliest opportunity Teller Fraud Training Requiring proper identification for all customers Using electronic PIN verification of customers Fingerprinting non-bank customers when they present a check at the

lobby teller window Not allowing check cashing for non-bank customers at the drive-thru

windows Supplying MICR line readers at teller window Providing clients with fraud prevention services


#1 – Converting Paper to Electronic

#2 – Using ACH Blocks and Filters

#3 – Using Positive Pay Services

#4 – Instituting “Post No Checks”

#5 – Performing daily transaction review

What Is Georgia Tech Doing To Prevent Fraud?


#1 – Convert Payments to Electronic Transactions

ACH Transactions and Plastic Cards:

ACH Transactions– Travel expense reimbursements– Financial Aid distributions

Paycards– for those who don’t have a bank account but have

reoccurring payments (payroll, reimbursements, insurance)

95% of GT employees paid via direct deposit

Procurement cards– Controls and reporting set by Georgia Tech


Procurement Cards

Identify Risks– Integrity of employees and supervisors– Fraud

No liability for fraudulent charges

– Misuse Covered up to $50,000 per cardholder under VISA

Liability Protection Program


Procurement Cards

Potential Fraud– Unauthorized transactions by other than cardholder

Lost or stolen cards Compromised account numbers

– Not fault of cardholder– State assumes zero liability– Covered 100% under contract

Fraud Detection– VISA Fraud Detection System

Back end reporting of certain exceptions– Electronic Reporting

Daily downloads– Timely cardholder reconciliation


Procurement Cards

Preventive Controls– Card-based controls

May be customized Transactions not within established parameters

declined at POS

Procedural Controls– Policies and Procedures– Training– Cardholder agreement


#2 – Use ACH Blocks & Filters ACH debit blocks and filters

– Debit Block keeps all ACH debits from posting to our account

– Debit Filters allow ACH debits from only known trading partners

– Advance authorization - transmit expected transactions to your bank, and only transactions that match all criteria would post to your account

– Examples: Federal Payroll Tax, State Payroll Tax, etc.


#3 – Utilize Positive Pay Services

Positive Pay is: – An industry term for the check matching service banks offer as

a means of reconciling accounts and reducing exposure to fraud

– A match of checks being presented for payment against those you have issued

Georgia Tech:– Views an image of the exception item or scans an exception

report– Renders a decision to “pay” or “return” each exception item by

the bank’s daily deadline– Communicates decision in a manner pre-arranged and by a

person preauthorized– Establishes a “default” if decision is not rendered in time

Teller Positive Pay


Client

Send check Issue File

Issues c

heck to

Vendor

Client’s Vendor

Bank

Send Exception Detail

Pay No PaySame-Day Decision:

Client’s checks clear

against account

Positive Pay Workflow


Teller Positive Pay Teller Positive Pay

provides check issuance information to a bank’s tellers

It matches a check rendered for encashment to a serial number and dollar amount previously provided by you• If a match is not made, the teller receives three possible responses:

- Check presenter is informed the bank is unable to cash check at this time- Check presenter is referred to maker or bank attempts to call client for approval

Georgia Institute of Technology Accounting Services Department6

Issues check to Payees

Person presents check to Bank

Teller checksitem against issue file

Client

Send check Issue File

Bank

Pay - Item match found on issue file.

No Pay - Item does not match issue file

data.

Positive Pay Workflow


#4 – Institute “Post No Checks” Indicator

• Georgia Tech uses the “Post No Checks” indicator for the collections/receipts account

• When checks are presented, they will be automatically returned


Controls on Receipt Accounts

Centralized Receipting Daily Reconciliations for all cash received

– Credit card receipts (via web) balanced to credit card processor and receipts system (Banner)

– Credit card receipts (in person) balanced to credit card machines and receipts system

– Cash/check receipts balanced to receipts system

General Ledger Feed Controls from Central Receipts confirmed to cash receipts daily

Bank Confirmation of Daily Cash Receipt reconciliation


#5 – Perform Daily Transaction Review

Criminals are betting that we will not notice or return their unauthorized ACH debit in time!

We may end up taking a loss if we do not reconcile our bank accounts on a timely basis


Helpful Web Sites U.S. Secret Service http://www.ustreas.gov/usss/counterfeit.shtml

F.B.I. http://www.fbi.gov/hq/cid/fc/fifu/about/about_fifu.htm

Comptroller of the Currency - Check fraud: A Guide to Avoiding Losses http://www.occ.treas.gov/1999/may.htm

National Check Fraud Center www.ckfraud.org/menu.html

American Law Institute - Order the 1999 edition of the Uniform Commercial Code www.ali.org

Cornell University Law School - Legal Information Institute www.law.cornell.edu/ucc/3/overview.html and

http://www.law.cornell.edu/ucc/4/overview.html

National Conference of Commissioners on Uniform State Laws http://www.nccusl.org/nccusl/default.asp

Frank Abagnale, nationally known speaker on Check fraud – www.abagnale.com

NACHA, The Electronic Payments Association – www.nacha.org

Eastpay, Regional Non-profit organization on electronic payments -www.eastpay.org

fraud prevention strategies at georgia tech georgia institute of technology accounting services...

Documents

check fraud

electronic fraud

certain types of checks

fraud investigation

theft of valid checks

transactions slide

georgia tech slide

use of legitimate blank