Cover Story April 2007

Demographics don’t explain fraud. All things being equal, small companies face as much risk as large companies. What ultimately makes one target more appealing to a criminal than another is the ease of opportunity. “The greater the perceived opportunity, the greater the likelihood that a criminal will attack,” says Bob Jones, principal of RW Jones Associates, Canton, Mass.

Those opportunities may come in the most unlikely situations. Distributor Ed Koszowski of Colonial Bank Note, Mountainside, N.J., learned that when he helped a municipal transit authority design tamper-free bus tickets.

The transit authority previously used tickets made from a thin stock, featuring the same image on the front and back. Riders would split tickets down the middle with a razor blade and create two out of one. Because both sides featured the same image, riders flashed the “front” of the altered ticket at the bus driver before dropping it in a ballot box. Bus drivers who didn’t check the backs of altered tickets accepted them on faith. The worst part: A bus ticket costs only 25 cents. “Anything is subject to counterfeiting,” says Koszowski. He solved the problem by substituting the tickets’ stock with Tyvek so it couldn’t be split. He also redesigned the image on the back so it looked different from the front.

One goal of document security is to deter criminals by lessening their opportunities for fraud. A worthwhile security program starts by keeping up with the Joneses. Security features on checks have become standard primarily because lacking them leaves a company wide open to counterfeiting. “It’s like the old joke about two hunters that come across a bear in the woods,” says Jones. “The bear attacks, and one hunter puts on his sneakers. The other says, ‘You can’t outrun a bear.’ The first hunter says, ‘I don’t have to outrun the bear. I just have to outrun you.’”

Fraud Happens
According to Jones, forged signatures and counterfeiting account for nearly 40 percent of check fraud cases. Jones, who regularly serves as an expert witness in fraud cases, cautions that most risks are close to home: “The biggest threat to companies that issue checks is their own employees,” he says. “The majority of cases I testify in center around dishonest bookkeepers.” Armed with this knowledge, distributors who sell security documents are in a position to consult with customers on safety procedures. One component of a secure system is division of labor. The same employees who balance accounts shouldn’t have check-writing abilities. Jones also advises companies to keep their check stock and electronic signature bugs secure.

“In addition to the internal threat, companies need to be worried about their checks being stolen and altered,” says Jones. One method that professional fraud artists use to take over bank accounts is relatively simple. They start by obtaining a working account number. Then they request a change of address from the bank and order new checks, which are sent to the alternate address. Once they’ve gotten hold of the checks, they’re able to cash them before the original account holder is aware that it’s happening.

Why Security Matters
End users who don’t have security measures in place open themselves to liability for losses that check fraud causes. Businesses are required by the Uniform Commercial Code to implement reasonable safety standards. Security features on checks is one example of a step that’s necessary for companies to take. “If you’re a business customer issuing checks, you’ve got to have those security features,” says Jones. “It’s an established business practice, so failure to have those features could open you to liability.” He points out that the Uniform Commercial Code makes the burden of liability a more equitable risk between banks and end users. “There was a shift from contributory negligence to comparative negligence,” he says. Instead of banks automatically incurring liability because they contributed to fraud through negligence, liability is assigned according to the comparative amount of negligence each party contributed.

On the Horizon
The implementation of Check 21 has had mixed results. In 2004, the Financial Services Technology Consortium conducted a study called “Controlling Fraud in a Truncated Check Environment: Assessing the Survivability of Paper-Based Check Security Features in Imaged-Based Operations.” The Consortium reported that only five of 22 security features could be verified at least 90 percent of the time from check images, regardless of resolution and image type. “The industry has been working hard to develop image survivable security features,” says Jones. “New threats have arisen because you don’t have the original paper document, but some threats have been reduced because of the way banks can use archives to detect fraud.”

As banks and specialists work on improving document security, distributors are in a position to help end users navigate through its evolution. On the horizon: interoperable security features that allow retailers to identify counterfeit checks at the point of transaction. “The holy grail of a Check 21 world is interoperable, image-survivable check security features,” says Jones. Security vendors are trying to encode information in bar codes on the front of checks, perhaps even embedded in the issuing company’s logo. The bar code would store the check’s serial number, payee, payer, amount and date of transaction. A counterfeiter wouldn’t have the key to decode or encode that information, but retailers and banks might have the equipment to detect whether it’s missing and alert them to potential fraud.

Jones marvels at the sophistication of security technology, and equally at the efforts of those determined to thwart it: “The people targeting us are professionals who work very hard at what they do, and they spend a lot of time thinking of ways to attack us.”

Check 21: Confront Banks That Wrongly Refuse End Users’ Checks
Since Check 21 went into effect, distributors have faced a recurring scenario—banks rejecting end users’ checks. Citing noncompliance with the law, the banks demand that end users make cosmetic changes to their checks to ensure processing. These demands have to do more with facilitating the bank’s workflow than with the law, says Dick Gray, president of Xtension Technologies, Laguna, Calif.

“We had a customer who left one employer and went to another one. Her supplier had removed the void pantograph completely,” says Gray. “She was CFO and wanted to know why they did it without telling her. The distributor based the removal of the void pantograph on faulty information from his manufacturer and the bank itself.”

Removing the pantograph was unnecessary and had nothing to do with the law, says Gray. “The banks want it removed because it’s easier to process checks without it.”

Unfortunately, when a bank flexes its muscle and end users panic, distributors too often capitulate and demand that manufacturers reprint the order, even when the manufacturer’s testing shows the check in compliance. “It creates a lot of disillusionment among all parties,” Gray says.

Instead of backing down, Gray suggests that distributors and manufacturers work together to confront the banks. The most common situation is when end users request cosmetic changes to their checks. Check compliance specialists at bank processing centers require customers to send test checks. They may interpret Check 21 narrowly and incorrectly declare the checks noncompliant. Different image processing centers at the same bank may even disagree with each other.

Gray compares Check 21’s enactment to the game of “Telephone.” As stakeholders disseminate the message about what constitutes compliance, it gets muddled. “In every single instance that I’ve been brought into this scenario, the banks have lost,” says Gray, “They will continue to lose, because I read the laws and they don’t.”
—Andy Brown

Andy Brown is managing editor of Print Solutions magazine. Email comments to abrown@PSDA.org.

The Many Instances of Fraud