The FRAUD Bulletin
FRAUD Bulletin
ACH Fraud
Mobile Fraud
Corporate Identity Theft
Small Business Fraud
Check Fraud Scams
Cyber Crime
Inside this Issue
1 Check Fraud – It’s Still #1
2 The Mobilization of Fraud
3 Cyber Crime Prevention
Volume 12
12 Check Security Features –
Why They Matter
14 Abagnale
4 Check Fraud Prevention –
Best Practices
15 SAFEChecks
6 Court Cases: Holder In
Due Course • Check Fraud
Scams • Positive Pay
18 Embezzlement: Preventing
The “Inside Job”
8 ACH Fraud – Small But
20 Identity Theft – It Can
Happen To You
9 Positive Pay, ACH, and
Check Writing Software
21 Corporate Identity Theft
Small Business –
Fraud Prevention
10 Laser Printing and
Check Fraud
11 Check 21:
The Hidden Liability
16 Abagnale Supercheck
Frankly Speaking . . .
ome of the most serious financial
crimes in America are check fraud
and identity theft. The Nilson Report
estimates check fraud losses to be
about $20 billion a year. Check fraud is by
far the most dominant form of payment fraud
and produces the greatest losses. Check fraud
gangs are hardworking and creative. They
constantly try new techniques to beat the
banking system and steal money. Historically,
the banks have been liable for these losses.
However, changes in the Uniform Commercial
Code now share the loss with the depositor.
Furthermore, the Federal Trade
Commission reported that nearly 15 million
Americans have been victims of identity theft,
costing consumers $5 billion and banks and
businesses $56 billion every year. Because
this crime is so simple to commit, I believe
identity theft will become one of the most
profitable criminal activities in history.
There are endless opportunities for a
criminal to obtain the necessary information to
commit identity theft. Let me illustrate just two,
beginning with your visit to a doctor. As a new
patient, the receptionist asks you to complete
a form that asks for your name, address,
phone number, and your employer’s name,
address and phone, and your health history.
They copy your insurance card, which may
include your Social Security number. Your
Abagnale Fraud Bulletin, Volume 12
co-pay is paid with a check drawn on your
bank account. You have just provided enough
information for someone to become you.
Another example. You walk into an
upscale department store to make a purchase.
You take your selection to the cashier and
write a check. On that check is your name,
address and home phone number, the name
of your bank and its address, and your bank
account number. The cashier asks for your
driver’s license. The cashier memorizes the
birth date on your license, and then asks for
your work phone number, which will give them
the name and address of your employer. Once
again, a thief has sufficient
information to apply for credit
in your name.
I am 65. As a teenager
I did things that today, as
a husband and father, an
educator and consultant, I am
not proud of. But, recounting
one youthful experience may
be illustrative.
In my youth, when I
wanted to establish a new
identity (so that I could open
a bank account and pass bad
checks), I would go to the
Department of Vital Records (in any city I was
in). I would ask to see the death records for
1948, the year I was born. Every fifth or sixth
entry was an infant who had died at birth. I
would write down the death information and
later apply for a birth certificate in that name.
I would fill out a form, pay $10, and obtain a
legitimate birth certificate. I would go to the
DMV and get a license with my picture, my
description, and somebody else’s name. I had
50 legitimate driver’s licenses.
Now, 40 years later, you can buy a CD
ROM with birth and death records, and can
apply for a new birth certificate by mail. There
are Web sites that sell Social Security numbers
for $49.95. Their advertisements claim that they
can tell you anything about
anybody. I researched these
companies—all you provide is
someone’s name, address and
DOB—and they will tell you
everything you want to know,
including spouse and children’s
For the identity theft
victim, the nightmare has
just begun. On average, it
costs a victim $1,173 and 175 man-hours to
get their credit report straightened out. Fixing
the problem is not as simple as saying “…I
did not apply for that loan.” You must prove
you did not apply for that loan. To fix things,
you must first convince the credit card or
finance company. Then, you must convince
all three credit bureaus. In most cases, the
credit bureaus refuse to delete the dispute
from your credit files. Instead, they put an
asterisk and say, “Customer disputes this Visa
charge, claims they were a victim of identity
theft.” The result is that anyone accessing your
credit report, whether a potential employer or
a company considering granting
you credit, may question whether
you were really a victim or if you
were just ripping somebody off.
I am personally concerned
about identity theft. A few years
ago, I subscribed to a service
that notifies me each time my
credit report is accessed.
Privacy Guard (www. provides
me with the contact information
of any company that obtained
my credit report, as well as the
means to correct false data. I
consider their annual fee money well spent.
This publication was written to help
individuals and companies learn how to
reduce their risk of check fraud, identity theft
and embezzlement. I hope you find it useful.
Because there was not space to cover every
scam, I have included references to various
agencies and organizations with useful
products or information. I have written three
books, The Art of the Steal, The Real U Guide
to Identity Theft and Stealing Your Life, that
cover numerous scams and solutions in detail.
For individuals concerned about check fraud,
I designed the Supercheck, a high-security
personal check with 12 safety features. I also
designed the SuperBusinessCheck and
SAFEChecks for companies and organizations
that want extremely secure checks.
See Pages 14 through 17.
Greg Litster, Robin Johnson - Editors
Check Fraud–It’s Still #1
heck fraud litigation began in 1762
with Price v. Neal, and check fraud
has continued unabated for the
last 250 years. With 70% of today’s
organizations still issuing checks, check fraud
will not be going away anytime soon. The AFP
Payments Fraud and Control Survey indicates
that “checks continue to be the dominant
payment form targeted by fraudsters,” with
82% of affected organizations reporting that
their checks were targeted.1
Not only are checks the dominant vehicle
for committing payment fraud, they are the
greatest source of actual losses. Almost 60%
of financial losses come from check fraud –
more than all other forms of payment fraud
combined. All types and sizes of organizations
are targeted, and those that are successfully
hit once are often targeted repeatedly.
In the latest AFP Survey, 62% said that
the most prevalent check fraud method was
“counterfeiting by altering the MICR line on
the check.” Other types of counterfeit checks
used a fake company name. More than half
– 52% – of check fraud attempts involved
altered payee names, and 37% were altered
dollar amounts. This is up from 49% and 25%
respectively in 2012. Such alterations may
have been prevented by using high security
checks. (See Pages 14 – 16.)
There were additional reasons for check
© Frank W. Abagnale 2014
fraud losses, all of which were within the
organization’s control: in 28% of the cases,
Positive Pay or account reconciliation was not
timely, and 21% of the time the losses came
from internal fraud. Internal fraud was up
from 13% in 2012. Another 17% did not use
Positive Pay.
Holder in Due Course
contributed to a forged or altered check, they
may be restricted from seeking restitution from
the bank. Second, the concept of “comparative
negligence” in Sections 3-406(b) and 4-406(e)
can also shift liability from the bank to the
account holder. If both the bank and the
account holder have failed to exercise ordinary
care, a loss may be allocated based upon how
each party’s failure contributed to the loss.
In 38% of the check fraud losses, the
fraudulent check was cashed by a checkcashing service, initiating a Holder In Due
Course claim. This is up from 22% last year,
a showing large rise in losses stemming
from Holder In Due Course claims. Holder in
Due Course (HIDC) is a powerful part of the
Uniform Commercial Code which regulates
an organization’s liability for check fraud.
Under HIDC, a company can be held liable
for counterfeit items that look “genuine,”
or are virtually identical to its own checks.
If a genuine-looking counterfeit check was
cashed by the bank, even if the account was
on Positive Pay, the issuer can still be held
liable. Placing a stop payment on a check does
not end the issuer’s liability to pay the check.
Holder in Due Course trumps stop payments
and Positive Pay. This is the reason to use a
controlled check stock, and to have a short
expiration date printed on the check. To learn
more about Holder In Due Course, see
Page 6.
Read Bank Contracts
Uniform Commercial Code
Prevention Is For
The legal basis for liability in check fraud
losses is found in the Uniform Commercial
Code (UCC). The UCC places responsibility for
check fraud losses on both the bank and its
customers. Responsibility for check issuers and
paying banks falls under the term “ordinary
care.” Ordinary care requires account holders
to follow “reasonable commercial standards”
prevailing in their area and for their industry or
business. For example, in the AFP 2014 survey,
81% of all organizations use Positive Pay. A
bank can argue that a company not using
Positive Pay is not exercising “ordinary care.”
See “Cincinnati” on Page 8. Under Sections
3-403(a) and 4-401(a), a bank can charge
items against a customer’s account only if they
are “properly payable” and the check is signed
with an authorized signature. If a signature is
forged, the account holder may still be liable if
one of the following exceptions applies:
First, if account holders’ own failures
Read your bank contracts and Disclosure
Agreements to understand your liability for
fraud losses under the UCC. This includes the
small print on signature cards and Disclosure
Statements. A bank’s intentions must be stated
clearly to prevail against a customer in a check
fraud case. Banks are re-writing their signature
card agreements and adding new provisions to
their Disclosure Statements. For a summary of
the UCC, visit
Risk Management
Financial institutions and bank customers
face a shared risk from check fraud.
Executives must answer “How do we assess
our risk? How much financial exposure are we
willing to assume? What real and hidden costs
will we bear if we become victims of payment
fraud? How might our image and reputation be
damaged? How much are we willing to spend
to reduce this exposure?”
Everyone has a responsibility to help
prevent check fraud. Financial institutions
still list check fraud as one of their top
three threats, and view a lack of customer
awareness as one of their biggest challenges
in fraud prevention. Given that 70% of today’s
organizations still issue checks, financial
professionals must use a number of tools and
strategies to protect their organizations. The
Federal Reserve recently required all banks
to educate their customers on how to prevent
fraud. Fraud mitigation tools are discussed
throughout this Fraud Bulletin, and should be
reviewed with your bank.
Frank Abagnale concludes:
“Punishment for fraud and recovery of
stolen funds are so rare, prevention is the
only viable course of action.”
for Financial Professionals (AFP) 2014 Payments Fraud and
Control Survey
Page 1 • Abagnale Fraud Bulletin, Volume 12
The Mobilization Of Fraud
Page 2 • Abagnale Fraud Bulletin, Volume 12
Mobile Banking
Over 28% of all mobile phone users
have used a mobile banking app in the past
12 months, and 15% have made a mobile
payment. Mobile payment growth has been
slow because of concerns about security,
but its use is steadily increasing. Growth of
corporate payments is slow due to invoicing
and remittance detail complexities.
Mobile remote check deposit has become
one of the most desirable mobile banking
applications. Over 80% of banks offer or plan
to offer Remote Deposit Capture (RDC) for
mobile phones. Fraudsters have largely left
mobile RDC alone, perhaps because of low
daily deposit limits. However, cases of doubledepositing of checks via mobile banking are
(the depositor) made when the electronic
image was deposited. The remedy: Under
Check 21, the first presentment of the
check (via smartphone) can be charged
back to the bank of first deposit as a
breach of Warranty (due to the second
presentment) for up to one year from the
date the injured party discovers the loss.
Mobile Deposits &
Holder In Due Course
Scenario: John Doe picks up a check
made payable to “John Doe” from a business
or individual. He walks outside and deposits
the check remotely using his smartphone. He
then walks back inside and returns the check,
asking that it be replaced with a new check
made payable to John Doe OR Jane Doe. The
issuing person or company reissues a new
check payable to John Doe or Jane
Doe. They don’t think to place a Stop
Payment on the first check because it is
in their physical possession. John Doe
cashes the second check, and waits
overnight for the first check to clear
before withdrawing the money from the
first check. Unfortunately, the drawer
issuing the check can be held liable for
both checks. Reason: The second check
was cashed at the bank, and the first
check was deposited remotely. While
banks often cooperate to stop fraudulent
activity, John Doe’s bank is a Holder In
Due Course and is under no obligation
to return the funds to the issuer.
To prevent this kind of theft, if a
check leaves your possession for any
length of time and is returned for a
replacement, place a Stop Payment on that
check. Cause the recipient to sign an affidavit
declaring the check has not been remotely
deposited, and accepts liability for all expenses
to recover any stolen funds. See “Check 21”,
Page 11.
Protect your mobile device from malware
by updating to the latest operating system
and using mobile security apps. Read reviews
of security apps at http://securitywatch. Be wary of unsolicited app
offers, especially if it comes to you via a text
message. Trustworthy apps will have many
users, and will have many user reviews
written in correct English. Check your mobile
phone bill for unknown or unusual charges.
Remember: for mobile fraud prevention, the
best defense is to use common sense.
iStock Photos
obile fraud is “the new
kid on the block,” and it
is skyrocketing. Malicious
activity on the mobile
platform is growing much more quickly
than it did on the PC platform, and many
industry experts believe that mobile threats
will eventually surpass PC threats. Many of
the attacks stem from applications that are
innocently downloaded onto mobile devices.
The total number of malicious apps grew
614% last year.
The vast majority of mobile malware is
aimed at the Android platform. In the third
quarter of 2013, McAfee Labs found over
17,000 new strains of malware targeting
Android devices. These include several mobile
malwares that can capture a bank customer’s
user name and password, and can intercept
text messages the bank sends to
its customer for authentication. The
malicious parties can then access
the account and transfer funds.
Smishing is another new mobile
fraud strategy, sending unsolicited
text messages to capture a victim’s
personal data. Once spammers
capture the information, they either
sell it or use it to commit fraud.
Mobile fraud is not aimed
solely at accessing someone’s bank
account. Much of the new malware
is used for “toll fraud,” tricking
victims into calling premium-rate
numbers owned by the attackers.
Each successful attack can yield $10
in immediate profit to the fraudsters,
per call.
A major concern for mobile users are
links to malicious Websites. The links may
be imbedded in emails, attachments, social
networks or text messages, and are activated
when the victim clicks on the link or visits the
site with their mobile device.
On the e-commerce side, mobile
transactions are expected to grow by 40
percent to $325 billion in 2014 due to tech
advancements and changes in shoppers’
behavior. Criminals are trying to figure
out the best approaches to compromise
mobile transactions. As far as criminals are
concerned, it’s easier and more rewarding to
target retailers than individual phones. While
tracking mobile fraud is relatively new, over
25% of merchants engage in some sort of
mobile fraud awareness and prevention.
Mobile Deposits &
Double Debits
The legal basis for depositing a digital
image of a check is Check 21. Check 21
has a rule (“Warranty”) that specifically
prohibits a check or its image from being
presented for payment more than once,
and provides a powerful recovery remedy
if it occurs. Example: John Doe receives a
check and deposits the check (its electronic
image) via his smartphone app. He still
possesses the physical check, which he
later cashes at a check-cashing store.
When the check casher deposits the original
physical check and it hits the drawer’s bank
account, that second presentment of the
check breaches the Warranty that John Doe
Cyber Crime Protection
Preventing Unauthorized
In four easy steps you can prevent
unauthorized online money transfers: 1)
Purchase a new computer that is dedicated
to online banking only. A basic computer will
suffice. 2) Require two different computers and
users/passwords to send money out of your
account. One or more employees can initiate
a wire or ACH transfer using their everyday
computers, but require that all initiated
transfers be released using the dedicated
banking computer. Persons authorized to
release the transfers must use different user
names and passwords than those used to
initiate the transfer. 3) Update your bank’s
Electronic Funds Transfer (EFT) agreement
to reflect your revised, two-computer
initiation-release procedures. 4) Implement
all additional controls and technologies your
bank recommends. Failure to implement the
controls the bank recommends may result in
your being liable for any cyber losses.
The justification for using a dedicated
computer to release money transfers is best shown
by a recent cyber crime case in California.
• Frequently review network log data to
identify any unusual or unauthorized events.
• Install software that limits the sites users may
access; use caution on unknown Websites.
• Use a network-based Intrusion Prevention
System (IPS).
• Educate in-house developers about secure
development practices, such as the Security
Development Lifecycle.
• When employees leave the company,
immediately disconnect all their access to the
company’s network and building, shut down
remote connections, and collect their cell
phones, iPDAs, smartphones,
etc. Change any passwords they used.
In 2010, the owner of Village View Escrow
in Redondo Beach received an e-mail informing
her that a UPS package she had been sent
was lost, and urged her to open the attached
invoice. When she opened the attached file,
nothing happened, so she forwarded it to
her assistant who also tried to open it. The
alleged “invoice” contained a keystroke logger
virus that shortly captured the passwords
used on both the owner’s computer and
the PC belonging to her assistant, who was
the second person needed to approve wire
transfers. After the passwords were captured,
cyber thieves sent 26 wire transfers totaling
$465,000 to 20 individuals around the world.
This loss could have been prevented if the
company had used a dedicated, “clean”
computer to release wires/ACH transfers.
Individuals / Families
yber crime is a mature,
underground international
business with well-organized
syndicates attacking companies,
municipalities, non-profits, even power
grids. These syndicates also sell customized
malware and instant hacking tools to novice
cyber criminals, allowing them to quickly join
the criminal community. Cyber criminals are
increasingly more inventive and malicious,
and the battle against them will never end.
Organizations and individuals must be
continually vigilant, and devote time and
resources to thwart these attacks.
Malware and hacking are the primary
methods used to get inside an organization’s
computer system. There are two types of
malware – auto-executable code (a “drive-by”
download) that can happen merely by visiting
an infected website, and code that requires
interaction by users, e.g. opening an email
attachment or clicking on an imbedded link.
Because online threats are so rampant, when
developing defensive strategies, assume
that your computers used for email and web
searches are already infected. However,
even if a computer becomes compromised,
preventing online intruders from stealing your
money is simple.
New Twists on Cyber
Describing the many methods criminals
are now using to infiltrate computer systems
and mobile devices – and how you can block
them – is beyond the scope of this Bulletin.
However, we have assembled many excellent
articles and links that will provide you with this
information. Visit
Companies / Organizations
• Perform thorough background checks on
new employees. Employees are a company’s
greatest vulnerability.
• Consider monitoring all the activities your
employees do on company computers, which
is completely legal. Some states require
that employees be given notice that their
keystrokes and searches are being monitored.
• Implement security policies to restrict
unauthorized access to sensitive data.
• Require that all sensitive data be encrypted
or password protected before transmission.
Many software programs do this easily.
• Regularly review and install updated patches
for your operating system software.
• Use anti-virus and anti-spyware software on
your computer, and update frequently.
• Use a properly-configured firewall.
• Add security software to your smartphone,
IPad, tablet, etc.
• Do not follow links found in email messages
from untrusted sources; they may be links to
spoofed Web sites. Manually type the URL.
• Completely close down your Internet browser
after doing online banking or shopping.
• Never reply to an email, text, or pop-up
message that asks for personal or financial
• Never open an email attachment unless you
are expecting it or know what it contains.
• Download software only from trusted sites.
• Restrict which applications you install on
social networks, cell phones.
• Don’t send sensitive files over a Wi-Fi
network unless it is secure. Public “hot spots”
are not secure.
• When you are not using Wi-Fi, close down
the wireless connection to your laptop.
• Don’t respond to a message asking you to
call a phone number to update your account
or give your personal information. If you need
to reach an organization, look the number up
• Protect your children from online predators
by tracking their keystrokes, emails, MySpace,
Facebook, IM, and websites they visit on their
computers and cell phones. See Spector Pro,
PhoneSheriff, eBlaster, etc.
2010-2013 Verizon Data Breach Investigations Report
2009-2013 CSI Computer Crime and Security Survey
(2006-2013)Symantec Internet Security Threat Reports (several articles on website)
PC Magazine ( • CNET Networks (
Page 3 • Abagnale Fraud Bulletin, Volume 12
Check Fraud Prevention–Best Practices
o product, program or
policy can provide 100%
protection against check
fraud. However, specific
practices can significantly reduce check fraud
risk by discouraging a criminal from alteration
or replication attempts, and by thwarting
his counterfeiting efforts. The following are
important recommendations for reducing risk.
High Security Checks
Check fraud prevention begins with
high security checks. High security checks
are the first line of defense against forgers,
and there is substantial evidence that they
significantly reduce check fraud attempts:
Every loss begins with an attempt–eliminating
the attempt eliminates the loss! High security
checks also help prevent altered payee names
or dollar amounts.
High security checks should contain at
least ten (10) safety features. More is better.
Pages 14 through 17 show high security
checks designed by Frank Abagnale.
Many check manufacturers claim their checks
are secure because they include a padlock
icon. The padlock icon does not mean a
check is secure; only three safety features are
needed in order to use the icon.
Some legal experts suggest that the
failure of a business to use adequate security
features to protect its checks constitutes
negligence. By using high security checks, a
company can legally demonstrate that care
has been taken to protect its checks.
Positive Pay
In addition to high security checks,
Positive Pay is one of the most effective check
fraud prevention tools. It is an automated
check-matching service that can detect most
bogus checks. It is offered through all major
banks and many smaller banks. To use this
service, the check issuer transmits to the
bank an electronic file containing information
about the checks it has issued. Positive Pay
compares the account number, the check
number, dollar amount and sometimes payee
name on checks being presented for payment
against the previously submitted list of checks
issued by the company. All the components of
the check must match exactly or it becomes
an “exception item.” The bank provides the
customer with an image of the suspect check
to determine each exception item’s authenticity.
Page 4 • Abagnale Fraud Bulletin, Volume 12
If the check is fraudulent or has been altered,
Preventing Added Payees
the bank will return the check unpaid, and the
Adding a new Payee Name is a major
fraud is foiled. For Positive Pay to be effective,
scam used by sophisticated forgery rings. They
the customer must send the data to the bank
understand Payee Positive Pay’s limitations
before the checks are released (see Pages 4
and simply add a new payee name above
and 9).
the original name. They then cash the check
Because revisions in the UCC impose
using bogus documents in the name of the
liability for check fraud losses on both the
added payee. To help prevent added payee
bank and its customer, it is important for
names, use a Secure
everyone to help
Name Font (see
prevent losses. When
Pages 9 and 10)
a company uses high
or insert a row of
in 30 years to deal with the
security checks with
asterisks above
Positive Pay, the risk
problem of forged, altered and
the payee name.
and liability for check
To help prevent
fraud are substantially
altered payees,
— Frank W. Abagnale
reduced. Many banks
use high security
charge a modest fee
checks like the
for Positive Pay, which should be regarded as
SuperBusinessCheck or SAFEChecks, and
an “insurance premium” to help prevent check
good quality toner to keep the Secure Name
fraud losses.
Font or asterisks from being removed without
leaving evidence. Cheap toner will peel off with
Reverse Positive Pay
common office tape.
Organizations or individuals with small
check volume can use Reverse Positive Pay.
ACH Filter or Block
This service allows an account holder to log on
Forgers have learned that Positive Pay
and review in-clearing checks daily to identify
doesn’t monitor electronic “checks,” also
unauthorized items. The account holder can
known as Automated Clearing House (ACH)
download the list of checks from the bank and
debits. Files containing ACH debits are
compare them to their issued check file. Suspect
created by an organization or company and
checks must be researched and the bank
submitted to its bank. The bank processes the
notified of items to be returned that day. While
file through the Federal Reserve System and
Reverse Positive Pay provides timely information
posts the ACH debit against the designated
on a small scale, for larger check volume it is
accounts. Because paperless transactions
not a worthy substitute for Positive Pay.
pose substantial financial risk, most banks are
careful to thoroughly screen any company that
Payee Positive Pay
wants to send ACH debits. However, some
Is Not Foolproof
dishonest individuals still get through the
Positive Pay and Reverse Positive Pay
screening process and victimize others. Banks
monitor the check number and dollar amount.
have liability for allowing these lapses.
Several banks have developed Payee Positive
To prevent electronic check fraud, ask
Pay (PPP) that also compares the payee name.
your bank to place an ACH block or filter on
PPP identifies the payee name by using the X,
your accounts. An ACH block rejects all ACH
Y coordinates on the check face and optical
debits. For many organizations, a block is not
character recognition software to interpret and
feasible because legitimate ACH debits would
match the characters. Matching the payee
be rejected. In this case, use an ACH filter.
name, check number and dollar amount will
In the electronic debit world, each ACH
stop most check fraud attempts. However,
originator has a unique identifying number. An
PPP is not 100% foolproof because
ACH filter allows debits only from preauthorized
criminals can add a fraudulent Payee
originators or in preauthorized dollar amounts.
Name two lines above the original Payee
If your bank does not offer a filter, open up a
Name, outside of the bank’s X,Y coordinates.
new account exclusively for authorized ACH
The bogus added Payee Name will not be
debits, and restrict who has knowledge of that
detected by Payee Positive Pay, resulting in
account number. ACH block all other accounts.
the altered check being paid (see Page 9).
Check Washing
Washing a check in chemicals is a
common method used by criminals to alter
a check. The check is soaked in solvents to
dissolve the ink or toner. The original data is
replaced with false information. To defend
against washing, use high security checks that
are reactive to many chemicals. When a check
reacts to chemicals, the “washing” can often
be detected when the check dries. Chemically
reactive checks become spotted or stained
when soaked in chemicals. A Chemical Wash
Detection Box on the back of the check warns
recipients to look for evidence of chemical
washing. See Page 16.
Forgers and dishonest employees can
easily erase words printed in small type and
cover their erasures with a larger type font.
Prevent erasure alterations by printing checks
using a 12 or 14 point font for the payee
name, dollar amount, city, state and zip code.
See Page 10 on Laser Printing.
Prompt Reconciliation
The revised UCC requires an organization
to exercise “reasonable promptness” in
examining its monthly statements, and
specifically cites 30 days from the date of
mailing from the bank. Carefully read your
bank’s disclosure agreement that details the
length of time you have to report discrepancies
on the bank statement. Some banks have
shortened the reporting timeframe to less than
30 days. Failure to reconcile promptly is an
invitation for employees to embezzle because
they know their actions will not be discovered
for a long time. If you are unable to reconcile
on time, hire your accountant or an outside
reconciliation service provider and have the
bank statements sent directly to them.
The people issuing checks should not be
the same people who reconcile the accounts.
Repeater Rule
The repeater rule limits a bank’s liability.
If a bank customer does not report a forged
signature, and the same thief forges a
signature on additional checks paid more than
30 days after the first statement containing
the forged check was made available to the
customer, the bank has no liability on the
subsequent forged checks so long as it acted
in good faith and was not negligent.
The one-year rule is another important
guide. Bank customers are obligated to discover
and report a forged signature on a check within
one year, or less if the bank has shortened the
one-year rule. If the customer fails to make the
discovery and report it to the bank within one
year, they are barred from making any claim for
recovery against the bank. This applies even if
the bank was negligent.
Controlled Check Stock
Generic check stock that is sold
completely blank is known as uncontrolled
check stock. It is readily available to everyone,
including criminals, and is a major contributor
to check fraud. If multiple companies use the
same blank, uncontrolled check stock, they are
60% of organizations experienced
attempted or actual payments
fraud. 82% of affected
organizations report that
checks were targeted.
AFP Payments Fraud Survey 2014
iStock Photos
left with no legal defense against their bank
if the bank pays a counterfeit check which is
made on check stock identical to their own.
(See Robert J. Triffin V. Somerset Valley
Bank and Hauser Contracting Company,
Page 7.)
Controlled check stock is customized
in some unique way for each organization.
It should also be numbered on the back of
the check with sequenced inventory control
numbers to prevent internal fraud. See Pages
14 and 15.
Manually Issued Checks
Every organization occasionally issues
manual checks. Some are typed on a selfcorrecting typewriter which uses a black,
shiny ribbon. This black shiny ribbon is made
of polymer, a form of plastic. Plastic is typed
onto the check. Forgers can easily remove
this typing with ordinary office tape, type in
new, fraudulent information, and then cash the
signed, original check!
When typing manual checks, use a
“single strike” fabric ribbon, which uses ink,
not polymer. They can be found online in the
catalog of major office supply stores.
Check Stock Controls
Check stock must be kept in a secure,
locked area. Change locks or combinations
periodically. Keep check boxes sealed until
they are needed. Inspect the checks when
received to confirm accuracy, and then re-tape
the boxes. Write or sign across the tape and
the box to provide evidence of tampering.
Conduct physical inventory audits to account
for every check. Audits should be conducted
by two people not directly responsible for
the actual check printing. When checks are
printed, every check should be accounted
for, including voided, jammed and cancelled
checks. After the check run, remove the
unused check stock from the printer tray and
return it to the secure storage location.
Annual Reports and
Annual reports should not contain the
actual signatures of the executive officers.
Forgers scan and reproduce signatures on
checks, purchase orders, letters of credit.
Do not include account numbers in
correspondence. Credit applications should
include the name and phone number of the
company’s banker, but not the bank account
number. Nor should an authorized signer
on the account sign the correspondence.
You have no control over who handles this
information once it is sent, and it could be
used to commit fraud.
Wire Transfers
Forgers obtain bank account information
by posing as customers requesting wiring
instructions. Wire instructions contain all the
information necessary to draft against a bank
account. To avoid giving out primary account
numbers, open a separate account that is
used exclusively for incoming credits, such
as ACH credits and wire transfers. Place the
new account on “no check activity” status
and make it a “zero balance account” (ZBA).
These two parameters will automatically route
incoming funds into the appropriate operating
account at the end of the business day, and
prevent unauthorized checks from paying.
A West Coast Bank
Check Fraud Attempts/Losses
Introduction of
- high security checks
- Positive Pay
- customer education
Check fraud attempts and losses fell by 95% over three years
after a West Coast bank introduced high security checks and
Positive Pay, and educated its customers on check fraud
Page 5 • Abagnale Fraud Bulletin, Volume 12
Court Cases
Holder In Due Course
Holder in Due Course, a powerful part of the Uniform Commercial Code,
can adversely impact an organization’s liability for check fraud, including
those checks on which a “stop payment” has been placed.
Who or what is a Holder in Due Course? A Holder in Due Course (HIDC)
is anyone who accepts a check for payment, and on the face of the check
there is no evidence of alteration or forgery, nor does the recipient have
knowledge of any fraud related to the check.
Under these conditions, the recipient is an HIDC and is entitled to be
paid for the check. The statute of limitations under the UCC for an HIDC to
sue the check’s maker for its full face value is 10 years from the issue date,
or three years from the date the check was deposited and returned unpaid,
whichever comes first.
Holder in Due Course trumps stop payments and Positive Pay
exceptions. Further, an HIDC can assign, sell, give, or otherwise transfer
its rights to another party, who assumes the same legal rights as the
original Holder.
In the 2012 AFP Payments Fraud and Control Survey, 48 percent
of organizations’ check fraud losses were a result of payouts to check
cashers (bank and non-bank) from Holder In Due Course claims. This is
up from 37 percent in the 2009 survey, indicating a growing and serious
Actions Taken in Response to
Holder in Due Course Claims
Frequency of HIDC Claims
Prudent companies use controlled high security checks to
protect themselves from some HIDC claims.
The following three Federal Appellate Court cases illustrate the farreaching power of Holder in Due Course laws.
Placing A Stop Payment Does Not End Your Obligation To Pay A Check
In July 1993, Cigna Insurance issued James Mills a Worker’s
Compensation check for $484. Mills falsely claimed he did not receive it
due to an address change, and requested a replacement. Cigna placed
a stop payment on the initial check and issued a new check, which Mills
received and cashed. Later, Mills cashed the first check at Sun’s Market
(Sun). Sun presented the check for payment through its bank.
Cigna’s bank dishonored the first check, stamped it “Stop
Payment,” and returned the check to Sun’s bank, who charged it back
against Sun’s account. Sun was a Holder In Due Course, and if Sun had
filed an HIDC claim against Cigna as the issuer of the check, it would
have been entitled to be paid. Apparently, Sun did not know about HIDC,
because it merely pinned the check on a bulletin board in the store,
where the check stayed for two years.
Robert Triffin bought the check from Sun, assumed its HIDC rights,
and filed this lawsuit in August 1995, over two years after the check was
returned unpaid (statute of limitations is three years). The Court ruled in
favor of Robert Triffin, and ordered Cigna to pay him $484, plus interest.
Recommendation: Allow a check to “expire” before replacing it,
or you may be held liable for both checks. A party that accepts an
expired check has no legal standing to sue as a Holder in Due
Course if the check is returned unpaid.
Print an expiration statement on the check face such as, “THIS
lost, wait 30 + 2 days from the initial issue date before reissuing. Many
companies print “VOID AFTER 90 DAYS” but cannot reasonably wait that
long before re-issuing a check.
Superior Court of New Jersey, Appellate Division, A-163-00T5
An analysis of court cases can be downloaded from
Click on Fraud Prevention Tips, then Holder in Due Course.
Page 6 • Abagnale Fraud Bulletin, Volume 12
You May Be Held Liable For Checks You Did Not Issue or Authorize
Hauser Contracting Co. used ADP for payroll services. A thief
obtained check stock that looked identical to ADP’s checks and created
80 counterfeit payroll checks totaling nearly $25,000 that were identical
to the ADP checks used by Hauser Contracting Co.
A retailer who knew Mr. Hauser became suspicious and called him.
Somerset Valley Bank also called. Mr. Hauser reviewed the in-clearing
checks, which looked just like his, and confirmed the checks were
unauthorized and the payees were not his employees. The bank returned
the checks marked as “Stolen Check - Do Not Present Again.”
Robert Triffin bought 18 of these checks totalling $8800 from four
check cashing agencies, claimed HIDC status, and sued both Mr. Hauser
and his bank for negligence for not safeguarding the payroll checks
and facsimile stamp. Because the counterfeit and authentic checks
looked identical, the lower court ruled for Triffin. Hauser appealed, but
the Federal Appellate Court upheld the lower court. The Court said the
counterfeit check met the definition of a negotiable instrument, and
because the check and signature were identical to an authentic check,
the check cashing agency could not have known it was not authentic.
Recommendation: Use a controlled check stock, which
means using checks that are uniquely designed or customized for your
organization and are not available blank to others. SAFEChecks and the
SuperBusinessCheck are controlled check stocks.
Superior Court of New Jersey, Appellate Division, A-163-00T5
High Security Checks May Protect You From Some Holder in Due Course Claims
Pomerantz Staffing Services used high security checks that included
heat sensitive (thermochromatic) ink on the back and a warning banner
INK TO CONFIRM AUTHENTICITY.” Someone made copies of Pomerantz’s
checks, but without the thermo ink on the back. They cashed 18 checks
totaling $7000 at Friendly Check Cashing Company. Friendly’s cashiers
failed to heed the warning on the check face, and did not look for the
thermo ink on the back. All 18 checks were returned unpaid, likely
caught by Positive Pay.
Robert Triffin bought the checks, claimed Holder in Due Course
status, and sued Pomerantz. Pomerantz counter-sued and won! The
judge correctly asserted that if Friendly had looked for the thermo ink
as instructed, they could have determined the checks were counterfeit.
Because they were provided a means to verify authenticity and failed to
do so, they were not an HIDC and had no rights to transfer to Mr. Triffin.
This case illustrates the value of check security features, a properly
worded warning band, and a controlled check stock. Pomerantz was
protected by his checks.
Recommendation: Use high security checks with overt and
covert security features, including explicitly worded warning bands. Such
security features will also help prevent other kinds of check fraud. The
SuperBusinessCheck is a properly designed high security check with
16 security features.
Visit for an in-depth article, Holder in
Due Course and Check Fraud, written by Frank Abagnale and
Greg Litster. Click on Holder in Due Course.
Greenberg, Trager & Herbst, LLP v. HSBC Bank, USA 17 N.Y.3d 565 (2011)
In a landmark decision, the New York Court of Appeals upheld that
the depositor of a counterfeit check is responsible for risk of loss “until
the settlement becomes final. Statements concerning ‘clearing’ of a
check and funds availability are irrelevant.”
A New York City law firm (Greenberg) received an email requesting
legal services from a potential client in Hong Kong. As part of the
transaction, the client requested that the law firm accept a check for
$197,750, deduct $10,000 for its fee, and wire the balance to another
firm in Hong Kong. (This should have been the first clue that this was a
scam.) The law firm deposited the check, which appeared to be drawn
on a Citibank account, into its account at HSBC Bank.
The next business day, HSBC provisionally credited the firm for
$197,750, per federal funds availability regulations. A day later, the law
firm called HSBC, asking if the check had “cleared” the account. Being
told that it had, the firm wired $187,750 to the other firm in Hong Kong
as instructed. The check ultimately proved to be counterfeit, and HSBC
charged back $197,750 to the Greenberg account.
Greenberg sued Citibank for “failing to discover that the check was
counterfeit” and sued HSBC for “negligent misrepresentation” for stating
that the check had cleared when in fact it had been returned to HSBC,
re-routed to a different Citibank processing center, and then returned
again as counterfeit to HSBC.
The New York Supreme Court issued summary judgment for both
banks and dismissed all of Greenberg’s claims. Upon appeal, the Court of
Appeals upheld the first court’s decision. Citing the Uniform Commercial
Code, Citibank had no obligation to detect fraud for Greenberg because
Greenberg was not Citibank’s client. Its only obligation was to pay the
check, return it, or send written notice that it had been dishonored. It had
returned the check within the prescribed deadline.
Both claims against HSBC were also dismissed. The bank’s contract
specifically stated that clients may not pursue claims based on a bank
employee’s oral representations. The Court also held that the term “a
check has cleared” is ambiguous and not definitive that final settlement
had occurred.
Furthermore, the Court rejected Greenberg’s argument that both
banks should have had procedures in place that would have prevented
the fraud. The Court ruled that the law firm itself was in the best position
to prevent fraud, and had a responsibility to know its client.
This scam was a text-book-case scenario, and while it is shocking
that a law firm could be taken in by such a classic scam, it should serve
as a warning that anyone can be deceived. Vigilance and intelligence
must be used when accepting a check. Do not accept a check for
more than the amount due and then wire out the difference. Visit for additional fraud prevention tips.
Page 7 • Abagnale Fraud Bulletin, Volume 12
ACH Fraud – Small But Growing….
ACH stands for Automated Clearing
House, and the “ACH Network” serves as the
infrastructure for electronic payments between
individuals and organizations. The ACH
Network accommodates and moves both debit
and credit transactions. Last year, the ACH
Network handled over 21 billion transactions
such as Direct Deposit and Direct Payment.
Even though the ACH Network is one of
the safest payment systems in the world, ACH
fraud has almost doubled, from 12% in 2010
to 22% today.
The ACH Network began as a system for
moving recurring transactions between parties
who knew and trusted each other, but has
evolved into a system of transient and often
one-time transactions between unfamiliar
groups and individuals. This evolution,
combined with the growing sophistication of
swindlers, has made ACH fraud hard to detect
and prevent.
There are many ways a criminal may
commit ACH fraud, but they all have one
element in common: gullibility on the part of
someone along the ACH “highway.”
Fraudsters only need two pieces of
information to commit ACH fraud: a checking
account number and a bank routing number.
Criminals typically obtain bank account
information by sending a phishing email that
tricks a victim into disclosing the required
information, or that installs malicious software
on the victim’s computer, allowing criminals to
access the desired information.
Other infiltration methods used by
criminals are infected flash drives, or social
networking sites where malware is embedded
in a document, video, or photo, and is
downloaded onto victims’ computers when
they click on that item.
The newest strategy for fraudsters
is pretending to be part of established
organizations, well-known social networking
sites, and government entities, deceiving the
victims and allowing fraudsters to plant malware
that eventually leads to account takeovers.
The ACH Network itself is not the focus
of the fraud. The focus is to simply gain
fraudulent access to that network. Most ACH
fraud could have been prevented if “best
practices” had been followed by organizations
or individuals. Some of these practices include:
• Know the person with whom you are dealing
– fraud happens by incorrectly assuming an
unknown party is legitimate
• Utilize your bank’s fraud detection and
prevention resources such as ACH Filters,
Blocks, Transaction Review, UPIC codes, etc.
• Monitor your accounts daily
• Segregate accounts for better control, e.g.
collections, vs. disbursements, high volume vs.
low volume, paper vs. electronic, etc.
• Use encrypted email for confidential
• Mask account numbers and tax ID numbers
in correspondence
• Collect bank tokens and change passwords
when an employee leaves the company and
contact your bank to remove them as a signer
or authorized user of ACH origination services.
The bank is not always responsible for
ACH fraud losses. Some reasons why an
organization or individual is responsible for
ACH losses include:
• Not reconciling accounts on a timely basis
• Not using appropriate ACH blocks or ACH
• Not returning suspect ACH items on time
• Not using ACH positive pay.
ACH fraud can often be thwarted by using
caution and prudence.
Wachovia Bank Wins Lawsuit Over Customer That Refused Positive Pay
Schultz Foods Company issued a check for $153,856 to Amerada
Hess Corporation. Thieves stole the check out of the mail, changed the
name of the payee, and convinced the new bogus payee (an unwitting
accomplice) to endorse the check and deposit it into his bank.
His bank presented the check for payment to Schultz Foods’ bank,
Wachovia Bank, and Wachovia charged $153,856 against Schultz Foods’
account. Before Schultz Foods discovered the fraud, the funds had been
wired out, and the money disappeared.
When the fraud was discovered, Schultz Foods reported the altered
check to Wachovia and demanded its account be re-credited. Wachovia
refused, citing that Schultz Foods had been offered the chance to
implement “Positive Pay” after three previous check fraud incidents,
but had declined. Instead, Shultz Foods had purchased a check fraud
insurance policy from Cincinnati Insurance Co. Positive Pay, however,
would have prevented this loss.
Schultz Foods made a $153,856 claim under its policy with Cincinnati,
who paid the claim and filed suit against Wachovia to recover its loss.
Cincinnati contended that the altered check was not “properly
payable” and Wachovia was liable for the loss. However, the Wachovia
deposit agreement signed by Schultz Foods contained a list of
precautions that a customer should take to protect their account. The
Page 8 • Abagnale Fraud Bulletin, Volume 12
Agreement included a conditional release of Wachovia’s liability:
“You agree that if you fail to implement … products or services [that are
designed to deter check fraud], … you will be precluded from asserting
any claims against Wachovia for paying any unauthorized, altered,
counterfeit or other fraudulent item ….”
Wachovia had not required Schultz Foods to absorb any losses
because of the incidents, even though Schultz Foods never implemented
Positive Pay. Cincinnati argued that Schultz Foods “had an expectation
that Wachovia would reimburse Schultz Foods’ account” for unauthorized
charges if Schultz Foods took precautions such as closing its account.
However, that expectation was contrary to Wachovia’s deposit
agreement, which contained an anti-waiver provision, allowing it to waive
enforcement of the terms of the Agreement.
Even though Wachovia voluntarily shielded Schultz Foods from past
check fraud losses, its deposit agreement protected it from liability.
The Court agreed with Wachovia’s argument that the deposit
agreement between Wachovia and Schultz Foods required Schultz Foods
either to implement Positive Pay or to assume responsibility for any fraud
losses caused by its failure to implement Positive Pay.
For the complete court case and commentary, visit www.
Software: Positive Pay, ACH, and
Secure Check Writing
Positive Pay is one of the most important tools available to prevent
check fraud. Developed by bankers years ago, Positive Pay is an automated
check matching service offered by most banks to businesses and
organizations. It helps stop most (not all) counterfeit and altered checks.
Positive Pay requires a check issue file (information about the issued
checks) to be sent to the bank before the checks are released. There are
two primary obstacles to using Positive Pay. First is a company’s inability to
format the check issue file correctly and securely transmit it to the bank.
Second, some accounting software will truncate part of a long Payee
name when it generates the Payee Positive Pay file. This creates a mismatch between what is written on the check and what is recorded in the
file, producing a false positive alert “exception item.” Repairing the Positive
Pay file and dealing with these exception items can be costly and timeconsuming.
SAFEChecks has software that eliminates these problems.
The software creates the Positive Pay file automatically as the checks
are being printed. It writes the checks, creates the check register, and
formats the Positive Pay file all from the “stream of data,” eliminating
truncation errors and significantly reducing false positive errors and
exception items.
In addition, the software can be customized to include another
internal security control where checks can be reviewed and approved
prior to printing. It can also be customized to automatically transmit the
Positive Pay file to the bank.
SAFEChecks’ secure software is invaluable in helping “techchallenged” organizations use Positive Pay.
The software produces a Secure Name and Number Font to prevent
alterations (See Page 10), and also imprints a unique, encrypted,
image-survivable “secure seal” barcode on the front of each check. The
barcode is an effective technological weapon in the fight against check
fraud. It contains all the information found on a check, including the
maker (drawer), payee name, check number, dollar amount, issue date,
and the X,Y coordinates of each piece of data. It is an on-board Payee
Positive Pay file for that check, and can eliminate the need to transmit it
to the bank if the bank has the barcode decryption software.
The decryption software reads the check using Optical Character
Recognition (OCR), and the barcode data is compared to the printed
data on the check. If the two don’t match, the check becomes a suspect
item. High-level encryption prevents the barcode from being altered or
decrypted by other software.
The barcode creates an audit trail, including who printed the check,
and the date and time the check was printed.
When Positive Pay is used with high security checks, such as the
Abagnale SuperBusinessCheck or SAFEChecks fraud losses can
be cut dramatically. See Pages 14 – 15.
Caution: Some companies have the mistaken notion that if
they use Positive Pay they do not need to use high security
This is a serious misconception. Positive Pay and Payee
Positive Pay are not foolproof! Consider this analogy: Using
Positive Pay is like catching a thief standing in your house, holding
your jewels. Although it is good that the thief was caught, it would be
better to have the thief look at your house and go elsewhere. This is
where high security checks are important. They DETER, or discourage,
many criminals from attempting fraud against your account.
The check writing software can print checks for multiple divisions,
multiple accounts, and multiple banks in a single run, using “blank”
check stock (See Pages 5 and 10.) This eliminates the need to switch
check stock between check runs. Its secure signature control feature
allows up to five levels of signature combinations.
The software also has an ACH module that can make
payments electronically, with the remittance detail printed or
emailed. The system can automatically switch between printing
checks and making ACH payments in the same run.
C heque G uard
S ecure S eal B arcode
S ecure N ame F ont
S ecure N umber F ont
The barcode, Secure Name Font and Secure Number Font
are great visual deterrents to would-be criminals, discouraging
them from attempting alterations (See Pages 4 and 10).
High security checks and Positive Pay are critical
companions in effective check fraud prevention strategy.
For software information, contact SAFEChecks
(800) 755-2265 x 3301 or [email protected]
Frank Abagnale and SAFEChecks recommend the
uni-ball® 207™ Gel Pen
The uni-ball® 207™ pen uses specially formulated gel inks with color pigments that
are nearly impossible to chemically “wash.” It retails for under $2, is retractable and
refillable, and images perfectly. It can be found at most office supply stores.
Page 9 • Abagnale Fraud Bulletin, Volume 12
Laser Printing and Check Fraud
ost organizations and
companies print checks
on a laser printer. This
technology is highly
efficient, but proper controls must be in place
or laser printing can invite disaster.
Toner Anchorage, Toner,
To prevent laser checks from being easily
altered, the toner must bond properly to the paper.
This requires check stock with toner anchorage,
good quality toner, and a hot laser printer.
Toner anchorage is an invisible chemical
coating applied to the face of check paper.
When the check passes through a hot laser
printer, the toner melds with the toner
anchorage and binds onto the paper. Without
toner anchorage, the toner can easily be
scraped off, or lifted off the check with tape.
High quality toner should be used because
poor quality toner does not meld properly with
the toner anchorage. Also, if the printer is not
hot enough, the toner and anchorage will not
meld sufficiently. The fuser heat setting can
be adjusted on most laser printers through the
front panel; hotter is better.
T oner A nchorage
Secure Name Fonts
help prevent added or altered payee
names. In many cases, adding to or altering
the Payee name allows the forger to circumvent
Positive Pay. A Secure Name Font uses a
unique image or screened dot pattern in a
large font to print the payee name. This makes
it extremely difficult to remove or change
the Payee name without leaving evidence. It
also eliminates the spacing for an added
S ecure N ame F ont
that is not customized for each customer
should be avoided. Check stock that is sold
completely blank to multiple companies is
“uncontrolled check stock.” If a printer or
computer company is selling you entirely blank
checks, they are likely selling the identical
blank checks to others, who, in effect, have
your check stock! Ensure that your check
stock is not available entirely blank to others. It
should be uniquely customized in some way for
each user. See Pages 14 – 15.
Page 10 • Abagnale Fraud Bulletin, Volume 12
is a state-of-the-art encrypted barcode
that is laser printed on the face of a
check. The barcode contains all the critical
information on a check – payee name, dollar
amount, check number, routing and account
numbers, issue date, etc. The barcode can
be “read” using Optical Character Recognition
(OCR) technology and compared with the
printed information on the check. If the printed
data does not match the barcode, the check
can be rejected. This technology is image
survivable. Some software providers also
include Secure Name and Number Fonts.
I mage S urvivable
S ecure S eal
T echnology
Uncontrolled Check Stock
Recent court cases have shown that
using blank, uncontrolled check stock can
contribute to check fraud losses. Companies
can be held liable for the resulting losses if
the bogus checks look “genuine.” See Page
7, Robert J. Triffin v. Somerset Valley
Bank and Hauser Contracting Company.
SAFEChecks sells only controlled check
Sequenced Inventory
Control Numbers
Blank Check Stock
Image Survivable Barcode
“Secure Seal” Technology
should be printed on the back of non-prenumbered laser checks. The control number is
completely independent of the check number
printed on the face of the check. Numbering
and tracking each sheet discourages internal
fraud and maintains compliance with auditors.
String of Asterisks
printed above the payee name is another
way to prevent added payee names. Forgers
add a new payee name two lines above the
original payee name. To prevent additions,
insert a string of asterisks above the original
payee name. Asterisks can be pre-printed on
the checks by the check vendor. Do not use
asterisks when using Payee Positive Pay. They
cause false positives.
Secure Number Fonts
prevent the dollar amount on the check
from being altered without detection. Some fonts
have the dollar amount image reversed out,
with the name of the number spelled inside the
number symbol. Although Positive Pay makes
this feature redundant, it is a strong visual
deterrent to criminals.
Secure Number Fonts
Protect Passwords
Passwords should be 8+ characters and
should include a captal letter and a character
(e.g: [email protected]#$%&). An email address makes an
excellent password. Because a company has
more exposure from dishonest employees than
from a hacker, two people should be required
to print checks, add new vendors, and add or
change employees and pay rates.
Check 21: The Hidden Liability
heck Clearing for the 21st Century
Act, aka “Check 21” was passed
into law October 28, 2004.
Check 21 allows banks to
1) convert original paper checks into electronic
images; 2) truncate the original check; 3) process the images electronically; and 4) create
“substitute checks” for delivery to banks that do
not accept checks electronically. The legislation
does not require a bank to create or accept an
electronic check image, nor does it give an
electronic image the legal equivalence of an
original paper check.
Check 21 does give legal equivalence to a
“properly prepared substitute check.” A
substitute check, also known as an image
replacement document (IRD), is a negotiable
instrument that is a paper reproduction of an
electronic image of an original paper check. A
substitute check 1) contains an image of the front
and back of the original check; 2) bears a MICR
line containing all the information of the original
MICR line; 3) conforms to industry
standards for substitute checks; and 4) is
suitable for automated processing just like the
original check. To be properly prepared, the
substitute check must accurately represent all the
information on the front and back of the original
check, and bears a legend that states “This is a
legal copy of your check. You can use it the same
way you would use the original check.” While
Check 21 does not mandate that any check be
imaged and truncated, all checks are eligible for
conversion to a substitute check.
Warranties and Indemnity
Check 21 does not require a bank to
convert and truncate paper checks. It is
voluntary. A bank that chooses to convert a
paper check into an electronic image and
substitute check provides two warranties and an
indemnity that travel with the substitute check.
The two warranties are 1) that the substitute
check is properly prepared, and 2) that no bank
will be asked to make payment on a check that
has already paid (no double debit).
This second Warranty is a powerful protection against “double-dipping” – someone depositing a check via their phone and then cashing
the same check elsewhere. If this deception is
not caught and both deposits clear the maker’s
account, the bank of first deposit can be held
liable for the loss.
The Indemnity is very powerful, and gives
banks and companies a clear defensive strategy
against losses caused by substitute checks. It
may also deter banks and companies eager to
convert high-dollar checks. The warranties and
indemnity continue for one year from the date
the injured party first learns of the loss.
The Final Rule issued by the Federal
Reserve Board states, a bank “that transfers,
presents, or returns a substitute check…shall
indemnify the recipient and any subsequent
recipient…for any loss incurred by any recipient
of a substitute check if that loss occurred due to
the receipt of a substitute check instead of the
original check.” It goes on to say that if a loss
“…results in whole or in part from the
indemnified party’s negligence or failure to act
in good faith, then the indemnity amount …shall
be reduced in proportion to the amount of
negligence or bad faith attributable to the indemnified party.” The indemnity would not cover a
loss that was not ultimately directly traceable to
the receipt of a substitute check instead of the
original check.
The Fed gives this example. “A paying bank
makes payment based on a substitute check
that was derived from a fraudulent
original cashier’s check. The amount and other
characteristics of the original cashier’s check are
such that, had the original check been
presented instead, the paying bank would have
inspected the original check for security
features and likely would have detected the
fraud and returned the original check before
its midnight deadline. The security features the
bank would have inspected were security
features that did not survive the imaging process. Under these circumstances, the paying
bank could assert an indemnity claim against the
bank that presented the substitute check.
“By contrast with the previous example, the
indemnity would not apply if the characteristics
of the presented substitute check were such
that the bank’s security policies and procedures
would not have detected the fraud even if the
original had been presented. For example, if the
check was under the threshold amount the bank
has established for examining security features,
the bank likely would not have caught the error
and accordingly would have suffered a loss even
if it had received the original check.”
Remote Deposit Capture
Remote Deposit Capture is a service that
allows a business or individual to scan, image
and transmit to its bank the checks it normally
would deposit. While the technology is convenient,
you must understand your risk. Under the law,
an organization or individual that images and
converts a check issues the warranties and
indemnity, and may be held liable for any Check
21 loss. The Statute of Limitations to file a claim
for these types of losses is one year AFTER the
injured party discovers the financial loss.
Check Safety Features
The purpose of safety features is to thwart
criminals trying to alter or replicate checks.
The minimum number of safety features a check
should have is 10, and more is better. The best
safety features are Fourdrinier (true) watermarks
in the paper, thermochromatic ink, and paper
or ink that is reactive to at least 15 chemicals.
These safety features cannot be imaged and
replicated, and are the best!
When an individual or organization uses
high security checks that include these safety
features, they are positioned for a built-in
indemnity claim against the converting bank
or company, as allowed under Check 21’s
Indemnity Provision. This assumes that their
bank has a Sight Review threshold such that
the original check would have been examined.
Check 21 Fraud Strategies
In a Check 21 world, the strategies are
straightforward. 1) Every bank should offer
Positive Pay at an affordable price, and every
company and organization should use the
service. Most banks charge for Positive Pay;
consider the fee an insurance premium. For
useful information about Positive Pay, visit and
2) Make large dollar payments electronically.
3) Every company, organization and individual
should use high security checks with 10 or more
safety features. The checks should include a
true watermark, thermo­chromatic ink and 16+
chemical sensitivity. The Supercheck, the
SuperBusinessCheck, and SAFEChecks
(See Pages 14 – 17) were designed by
Frank Abagnale with these and many
additional safety features so prudent
individuals, companies and organizations
could enjoy maximum document security in a
controlled check. Visit and to request a sample.
4) Avoid using laser checks that can be
purchased by multiple people entirely blank
because the stock is not controlled.
5) Banks should lower their Sight Review
thresholds and re-train inspectors, and
encourage their customers to use high security
checks and Positive Pay.
Visit for information.
Page 11 • Abagnale Fraud Bulletin, Volume 12
Check Security Features
n response to the alarming growth
of check fraud, the check printing
industry developed many new
security features. The best features
are illustrated here. While nothing is 100%
fraudproof, combining ten (10) or more security
features into a check will deter or expose most
check fraud attempts.
78°F. Thermo ink’s reaction to temperature
changes cannot be replicated on a color copier
or laser printer. Checks with thermo ink should
have properly worded warning bands.
Thermochromatic Ink
Controlled Paper
is manufactured with many built-in
security features, such as a true watermark,
visible and invisible (UV light-sensitive) fibers,
and multi-chemical sensitivity. To keep the
paper out of the hands of forgers, the paper
manufacturers have written agreements that
restrict the paper’s use and distribution. Ask
for and read the written agreement. If there is
none, the paper may not be controlled.
Controlled Check Stock
are high security checks that are printed on
controlled paper. The check manufacturer does
not allow the checks to be sold entirely blank
without them first being customized. Ask your
check printer for their written policy about blank
check stock. If there is none, the check stock
most likely is not controlled. See Page 14 – 17.
Fourdrinier Watermarks
react to changes in temperature. Some
thermo inks begin to fade away at 80°F and
disappear completely at 90°F. The ink then
reappears when the temperature cools to
Page 12 • Abagnale Fraud Bulletin, Volume 12
is a multicolored printed background
with gradations that are difficult to accurately
reproduce on many color copiers.
Specific Warning Bands
are printed messages that call specific
attention to the security features found on
the check. These bands should instruct
the recipient to inspect a document before
accepting it (not merely list features) and
may discourage criminals from attempting
the fraud. A properly worded warning band
may protect a company from some Holder In
Due Course claims. See Page 7, Pomerantz
Staffing Services.
Laid Lines
are parallel lines on the back of checks.
They should be of varying widths and unevenly
spaced. Laid lines make it difficult to physically
“cut and paste” dollar amounts and payee
names without detection.
L aid L ines
Specific Warning Bands
Copy Void Pantographs
Multi-chemical Reactive
produce a stain or speckles or the word
“VOID” when activated with ink eradicatorclass chemicals, making it extremely difficult
to chemically alter a check without detection.
M ultichemical
R eactive P apers
Thermochromatic Inks
Prismatic Printing
P rismatic P rinting
are faint designs pressed into the paper
while it is being manufactured, and are also
known as “true” watermarks. When held to
the light, these watermarks are easily visible
from either side of the paper for instant
authentication. Copiers and scanners are not
capable of replicating dual-tone Fourdrinier
(true) watermarks.
F ourdrinier
W atermarks
Checks should be reactive to at least 15
are patented designs developed to protect
a document from being duplicated. When
copied or scanned, words such as “COPY”
or “VOID” become visible on the photocopy,
making it non-negotiable. This feature can be
circumvented by high-end color copiers and so
is not foolproof.
C opy V oid
P antographs
Image Survivable
Secure Seal Barcode
is an encrypted barcode that is laser
printed on the face of the check. The barcode
contains all the critical information found on
the check. See Pages 9 and 10.
I mage S urvivable
B arcode
are multicolored three-dimensional
images that appear in a reflective material
when viewed at an angle. They are an
excellent but expensive defense against
counterfeiting in a controlled environment.
Holograms are usually not cost-effective on
checks, but are valuable in settings such as
retail stores where a salesperson or attendant
visually reviews each item before acceptance.
Holograms enhance admission passes, gift
certificates and identification cards.
H olograms
M icroprinting
Dual Image Numbering
creates a red halo around the serial
number or in the MICR line of a check. The
special red ink also bleeds through to the
back of the document so it can be verified for
authenticity. Color copiers cannot accurately
replicate these images back-to-back.
D ual I mage
N umbering
High-Resolution Borders
are intricately designed borders that are
difficult to duplicate. They are ideal for covert
security as the design distorts when copied.
H igh -R esolution
B orders
Ultraviolet LightSensitive Ink and Fibers
can be seen under ultraviolet light (black
light) and serve as a useful authentication tool.
Artificial Watermarks
are subdued representations of a logo or
word printed on the paper. These marks can
be viewed while holding the document at a
45º angle. Customized artificial watermarks
are superior to generics. Copiers and scanners
capture images at 90º angles and cannot see
these marks. However, to the untrained eye,
their appearance can be replicated by using a
3% print screen.
A rtificial
W atermarks
U ltraviolet L ight S ensitive I nk and
UV F ibers
is printing so small that it appears as a
solid line or pattern to the naked eye. Under
magnification, a word or phrase appears. This
level of detail cannot be replicated by most
copiers or desktop scanners.
High Security Checks
help deter many check fraud
attempts by making it more difficult for
a criminal to alter or replicate an original
check. They help thwart some Holder in
Due Course claims (See Page 6), and
establish the basis for an indemnity
claim under Check 21’s Indemnity
Provision. (See Page 11.) High-security
checks should have at least ten (10)
safety features, the most important being
that the check is a “controlled” stock. This
means the check is never sold or made
available entirely blank. Forgers can make
authentic-looking checks using original
blank checks, a scanner and Adobe
Illustrator. An organization may be held
liable for these fraudulent checks.
Other “best” features are a
dual-tone true watermark, UV ink,
thermochromatic ink (accompanied by a
properly worded warning band), and toner
anchorage. Frank Abagnale designed the
SuperBusinessCheck, SAFEChecks
and the Supercheck to help individuals
and organizations have access to high
security checks at reasonable prices.
(See Pages 14 – 17.)
Page 13 • Abagnale Fraud Bulletin, Volume 12
Abagnale SuperBusinessCheck
he SuperBusinessCheck is the most secure business check
in the world. Designed by Frank Abagnale with 16 security
features, the check is virtually impossible to replicate or alter
without leaving evidence. The SuperBusinessCheck is printed
on tightly controlled, true-watermarked 28 pound security paper. For
your protection, the SuperBusinessCheck is never sold completely blank
without first being customized for a specific customer. Available styles
are shown below. Pricing can be found on the Web at SAFEChecks.
com or
16 Safety Features
Controlled Paper Stock
Toner Anchorage
Chemical Sensitivity
Copy Void Pantograph
Chemical Reactive Ink
Fluorescent Ink
Fluorescent Fibers
“After years of designing
checks for Fortune 500
companies and major banks,
I designed the Supercheck,
the SuperBusinessCheck and
SAFEChecks to help individuals,
medium and small businesses,
and organizations protect their
checking accounts.”
Thermochromatic Ink
Fourdrinier (True) Watermark
High-Resolution Border
Prismatic Printing
Explicit Warning Bands
Chemical Wash Detection Box
Sequenced Inventory Control Numbers
Laid Lines
P.O. Box 981
Simi Valley, CA 93062-0981
(800) 755-2265
Available Styles
Laser - Top
Laser - Middle
Laser - Bottom
Legal Laser Top
Legal Laser Second Panel
Pressure Seal Checks Also Available
Secure Ordering Procedures
To prevent unauthorized persons from ordering checks on your account, SAFEChecks verifies all new check orders with
your bank. We confirm that the name, address and account number on the order form match the data on file with
the bank. Check orders are shipped to the address on file with the bank. Reorders with a change of address are
re-confirmed independently. Our Secure Ordering Procedures are in place for your protection, and are unparalleled in
the check printing industry.
Page 14 • Abagnale Fraud Bulletin, Volume 12
he SAFECheck
was designed by
Frank Abagnale with
12 security features,
and is virtually impossible to
replicate or alter without leaving
evidence. SAFEChecks are
printed on tightly controlled,
true-watermarked, 28 pound
security paper. To prevent
unauthorized use, SAFEChecks
are never sold completely blank
without first being customized
for each specific customer.
P.O. Box 981
Simi Valley, CA 93062-0981
(800) 755-2265
12 Safety Features
Covert Security Features
Controlled Paper Stock
Toner Anchorage on Laser Checks
Copy Void Pantograph
Chemical Reactivity – to 85 chemicals.
Fluorescent Fibers – Become visible under ultraviolet light.
Available Styles
Overt Security Features
Thermochromatic Ink – The pink lock and key icons fade away when warmed above 90º and
reappear at 78º. This reaction cannot be replicated on images created by a color copier.
Fourdrinier (True) Watermark – The true watermark is visible from either side when the
check is held toward a light source. It cannot be color copied or scanned.
Explicit Warning Bands
Chemical Wash Detection Box – See Figure 2 on page 13.
Sequenced Inventory Control Numbers
Laid Lines
Laser - Top
Laser - Middle
Laser - Bottom
Legal Laser - Top
Legal Laser Second Panel
Legal Laser Panels 2 & 4
Pressure Seal
SAFEChecks also offers secure laser check
writing software (See Page 9, MICR toner
cartridges, and envelopes. Call (800) 755-2265.
You should! Talk to
your banker ASAP.
Page 15 • Abagnale Fraud Bulletin, Volume 12
Abagnale Supercheck
he Supercheck is a high security personal check designed
by Frank Abagnale to help individuals protect their checking
accounts. The Supercheck contains 12 security features,
is reactive to 85 chemicals, is Check 21 compatible, and is nearly
impossible to replicate or to alter without leaving evidence. It is
“the check for people with something to lose.”
“The check for people with something to lose”
12 Safety Features
Controlled Paper Stock
Fourdrinier (True) Watermark
Thermochromatic Ink
Chemical Sensitivity
Explicit Warning Bands
Prismatic Printing
Chemical Wash Detection Box
High-Resolution Border
Laid Lines
Fluorescent Fibers
Fluorescent Ink
Our Secure Ordering Procedures are unmatched in the check printing industry. For your protection, we
verify that the name, account number, and mailing address match the information on file with your financial
institution. Checks are shipped to the address on file or directly to your financial institution. Reorders with
a change of address are re-verified with your financial institution.
We need all three (3) items below to complete your order:
Please mail to:
Delivery Times:
1. Completed ORDER FORM
Allow 3 weeks for delivery.
2. VOIDED CHECK (indicate any changes P.O. Box 981
Expedited service is available.
on the face)
Simi Valley, CA 93062-0981 Call (800) 755-2265 ext 3304
Email Address
Primary Telephone (We do not give or sell your information to anyone.)
Alternate phone where you can be reached
____Financial­­ institution_________________________________________________________________
Branch Address
(Address must be on file with bank)
Page 16 • Abagnale Fraud Bulletin, Volume 12
(price + s/h)
Wallet Supercheck Duplicate
- $29.95 per box of 150
California residents
- $32.95 per box of 150
must add sales tax
Shipping/Handling - $4.50 per box
_____Check or Money Order enclosed
(made payable to SAFEChecks)
_____Bill my credit card: _____MasterCard
Credit Card Account Number / Expiration Date
Please mail checks to the:
____Address on checks (this address must be on file with the financial institution)
# of
Wallet Supercheck Single
_____Debit this checking account
Start #
Cardholder Name
Authorized Signature
Billing address of credit card if different from address on checks
Security Code
Download a price list at
8934 Eton Avenue
Canoga Park, CA 91304
How did you hear about us?
Seminar by
Seminar by Frank Abagnale
To be printed on checks
For file information (not printed on checks)
(800) 755-2265
Fax (800) 615-2265
completed order form. We will call you to confirm receipt.
To be printed on checks
Phone (
For file information (not printed on checks)
Account Number
Please ship to:
Routing / Transit:
Bank Fraction:
Bank Representative
Bank Representative's Phone #
Check Starting Number
Text to be printed above signature lines
Check this
Custom Logo - Camera-ready art or electronic file (diskette
box for two
or e-mail) is required. Send to: [email protected]
signature lines
JPG, EPS, PSD, TIFF & BMP are acceptable formats
Shipping Instructions:
Standard Turnaround (most orders ship in 5-7 business days)
Overnight UPS
Two-day UPS
Ground UPS
RUSH (RUSH FEE APPLIES) Date you must receive checks
X 11 Frank Abagnale's SuperBusinessCheck (one color design only)
81/2 X 14 Frank Abagnale's SuperBusinessCheck (one color design only)
Top Check
Top Check
Middle Check
Check in 2nd Panel
Bottom Check
3 Laser Checks per Sheet
81/2 X 11
81/2 X 14
Top Check
Top Check
Middle Check
Check in 2nd Panel
Bottom Check
Check in 2nd & 4th Panels
How are your laser checks
placed in the printer?
Face Up
Face Down
Software Name
Version #
Pressure seal checks are custom designed. Call (800) 755-2265 ext. 3306.
Make and Model # of Folder/Sealer:
Software Name
Version #
Make and Model # of Printer:
To prevent unauthorized persons from ordering checks on your
account, all new check orders are verified with your bank. We
confirm that the name, address and account number on the order
form match the information on file with the bank. Check orders
are shipped to the address on file with the bank. Reorders with
a change of address are re-confirmed with the bank.
Download a price list from
Call (800) 755-2265 for assistance in completing form
or to answer any questions.
Single Stub (General Check) Frank Abagnale's SuperBusinessCheck
Three-on-a-Page Binder
Prepared by:
Phone Number:
Fax Number:
bakery’s account clerk went to
her CFO, saying that she feared
for her life because of what she
had discovered – a fraudulent
check for $10,000 that the Comptroller had
authorized. Sixteen more checks were found
later, totaling almost $17 million.
The Comptroller had written checks
to his own creditors, including credit card
companies, car dealerships, local agencies,
and even charities, and covered the amounts
by voiding them on the books. He then wrote
fake checks to actual bakery vendors, and
later destroyed those checks.
Embezzlement is no respecter of persons
or organizations. It is a silent killer that cripples
companies large and small because of the
actions of trusted but dishonest employees.
Embezzlement is committed at every level
and in every industry, and estimates show
that a typical organization loses 5% of annual
revenues to fraud.
The latest Marquet Report on
Embezzlement reported that it was “a
blockbuster year for employee theft in the
United States, accelerating over the shocking
pace set over the past couple of years.”
Marquet analyzed hundreds of cases
involving losses of $100,000 or more. Of
course, many cases fall below that threshold,
and hundreds more are not reported. The
average loss of those that were analyzed was
$1.4 million, with a median loss of $340,000.
The average embezzlement scheme lasts
almost 5 years, and half of the victims do not
recover any of their fraud-related losses.
Given that embezzlement is often difficult
to detect, it is imperative to understand why
and how it occurs, and how to thwart it. Early
detection and prevention strategies are key to
controlling losses.
According to the Association of Certified
Fraud Examiners (ACFE), embezzlement is a
subset of Occupational Fraud, which can be
divided into three main categories: Corruption,
Fraudulent Financial Statements, and
Misappropriation of Assets.
Corruption includes conflicts of interest,
bribery, extortion, etc., and constitutes about
one-third of cases.
Financial statement fraud involves the
intentional misstatement or omission of
important information on an organization’s
financial reports, and causes the highest
median losses.
Asset misappropriation, which includes
embezzlement, covers almost 90% of all
occupational fraud cases. It takes many forms,
Page 18 • Abagnale Fraud Bulletin, Volume 12
but the vast majority of schemes involve
fraudulent disbursements done through billing,
expense reimbursements, check fraud, payroll,
and the cash register.
The second highest method includes the
theft of cash-on-hand and inventory, and the
third type of asset misappropriation involves
schemes with revenue receipts.
The industries most commonly victimized
are banking/financial services, manufacturing,
and government/public administration.
However, internal fraud within healthcare
and education is on the rise, and virtually
all industries have had some episodes of
Who are the
Almost 80% of occupational fraud cases,
and 95% of their resulting losses, come from
six departments: accounting, operations,
executive/upper management, sales, customer
service, and purchasing.
While regular employees embezzled most
frequently, the greatest actual losses came
from managers and executives.
Females embezzled slightly more
frequently than males, but males caused
significantly higher losses.
Female Losses Male Losses
Half of all cases were committed by
people between the ages of 31 and 45, but
the greatest losses came from those 50 and
above. About 40% had been at the job one to
five years, and over 50% had been there more
than five years.
The vast majority of perpetrators
– 87% – had no prior criminal history,
making background checks an ineffective
embezzlement prevention tool (although
background checks are still necessary for
other reasons.)
Why Embezzlement
Workplace conditions are a major
predictor of fraud. Internal fraud occurs when
the “fraud triangle” is present – motive,
opportunity, and rationalization – and effective
fraud prevention controls are not in place. In
fact, a complete lack of controls was evident in
over 30% of the cases.
An overlooked but vital factor is the tone
set by upper management, especially in the
fraud cases over $1 million. Management
tone that contributes to fraud includes
unethical attitudes and behavior, the practice
of overriding established safeguards, and
pressuring employees to meet unrealistic
goals. Als o, employees and executives who
feel unfairly treated sometimes believe they
can get “justice” through occupational fraud.
While different factors motivated the
various embezzlement cases, including a false
sense of entitlement or the need to support a
significant other, the two overwhelming factors
were a desire to obtain and/or maintain a
more lavish lifestyle, and a gambling addiction.
Often, those two motivations were intertwined.
In the cases where gambling addiction
was the primary motivator, all but two
occurred in states where casinos and/or Indian
gaming facilities were permitted.
Detecting Embezzlement
There are many behavioral red flags
that fraudsters often exhibit, which can help
management detect fraud. Managers who
ignore these red flags do so at the company’s
peril. These include an overt sense of
entitlement, living beyond one’s means, having
financial difficulties and/or family problems,
excessive control issues, unwillingness to
share duties or take vacations, addiction
problems, and irritability or defensiveness.
Managers, employees and auditors
should be educated on these common
behaviors to help identify fraudulent activity.
An anonymous tip is one of the most
important means to detect fraud. Most tips
are given via hotlines. Tip hotlines should be
designed to receive tips from both internal and
external sources, and should allow anonymity,
confidentiality, and include a reward.
Tip hotline reporting programs should be
publicized to employees, as well as outsiders.
Although employees are the most frequent
source of fraud tips, customers, vendors, and
even competitors have also provided valuable
Management review and internal audits
are the next most common forms of detection.
One of the least effective methods of
detecting fraud was through external audits
of financial statements. In fact, more fraud
was discovered by accident than by external
audits! While external audits are important,
they should not be solely relied upon to detect
Small Businesses Fraud
Embezzlement is a significant threat to
small businesses. The smallest organizations
consistently suffer the largest median losses.
These companies usually have fewer anti-fraud
controls than larger companies, and so are
more vulnerable to fraud. For more information
on small business fraud prevention, see See
Page 21.
How To Prevent
Occupational Fraud
Using any of the 16 most common
anti-fraud controls can significantly decrease
the cost and duration of fraud schemes.
Tip hotlines, formal management reviews,
and employee support programs provide
the greatest decreases in financial losses.
Companies without these controls experienced
median fraud losses approximately 45% larger
than those with the controls in place. The
schemes also lasted almost twice as long.
Education is part of an effective fraud
prevention program. Organizations with
anti-fraud training programs for employees,
managers, and executives have fewer losses
and shorter duration of fraudulent schemes
than those without these programs.
Training includes what constitutes fraud,
how it hurts everyone in the company, and
how to report questionable activities.
Employee support programs to help
employees struggling with addictions, mental
or emotional health, family or financial
problems are also associated with median loss
Surprise audits are an effective tool in the
fight against fraud, yet less than 30% of victim
organizations have them. Surprise audits’ most
important benefit is psychological: they cause
potential perpetrators to believe that they will
be caught, and thus have a strong deterrent
effect on embezzlers.
Additional internal controls include a
separation and rotation of duties, mandatory
vacations, protocols for writing, reconciling,
and storing checks, proper documentation for
payments and receipts, vendor verification,
etc. Constant vigilance is essential.
Certain schemes are more prevalent in
one industry and department than in others.
Companies need to consider the specific
fraud risks they face when deciding which
controls to implement for fraud prevention and
The Internal Revenue Service requires
embezzlers to report embezzled funds
as income in their annual tax filing. After
returning the funds or paying restitution,
the embezzler becomes eligible for a tax
deduction. Failure to report embezzled funds
as gross income can result in tax evasion
charges. The threat of dealing with the IRS
should be a well publicized factor to deter
would-be perpetrators from defrauding their
2010 - 2012 Marquet Report on Embezzlement
2010, 2012 Association of Certified Fraud Examiners“Report to
the Nations”
“Effective Solutions for Combating Employee Theft –Implementing
and Managing a Fraud Hotline” by
Donald L. Mullinax, ACFE 2004
“Enemies Within” by Joseph Wells, ACFE 2001
Median Loss and Duration of Schemes – Based on Presence of Anti-Fraud Controls
Management Review
Employee Support Programs
External Audit of ICOFR
Fraud Training for
Internal Audit/FE Department
Fraud Training for Employees
Job Rotation/Mandatory Vacation
Surprise Audits
Anti-Fraud Policy
Formal Fraud Risk Assessments
Rewards for Whistleblowers
Code of Conduct
Independent Audit Committee
Management Certification of F/S
External Audit of F/S
Loss with
Loss without
Duration with
14 months
12 months
16 months
12 months
Duration without
24 months
24 months
21 months
24 months
12 months
13 months
12 months
9 months
10 months
12 months
12 months
9 months
14 months
13 months
12 months
17 months
24 months
24 months
24 months
24 months
24 months
24 months
24 months
22 months
30 months
24 months
24 months
24 months
Early Warning Signs of Cash Misappropriation
• Decreasing ratio of cash to credit card
• Increasing accounts receivable compared
with cash.
• Delayed posting of accounts receivable
• Credits against individual accounts
• Unexplained cash discrepancies.
• Altered or forged deposit slips.
• Customer billing and payment complaints.
• Increasing “soft” expenses, such as consulting.
• Employee home address matches a vendor’s
• Vendor address is a post office box or mail drop.
• Excessive voided, missing, or destroyed checks.
Embezzlement Prevention Checklist
The most cost-effective way to limit fraud losses is to prevent fraud from occurring. This
checklist will help organizations test the effectiveness of their fraud prevention program.
1. Is ongoing anti-fraud training provided to all employees of the organization?
2. Is an effective fraud reporting mechanism (tip hotline) in place?
3. Is the management climate/tone at the top one of honesty and integrity?
4. Are fraud risk assessments performed to identify and mitigate the company’s vulnerabilities
to internal and external fraud?
5. Are strong anti-fraud controls in place and operating effectively?
6. Does the internal audit department have adequate resources and authority to operate
effectively and without undue influence from senior management?
7. Does the hiring policy include thorough fraud prevention controls?
8. Are employee support programs in place to assist employees struggling with addictions,
mental/emotional health, family or financial problems?
9. Are employees allowed to speak freely about pressures, providing management the
opportunity to alleviate such pressures before they become acute?
Page 19 • Abagnale Fraud Bulletin, Volume 12
Identity Theft – It Can Happen To You
dentity theft is motivated by financial
rewards, the easiness of the crime,
and the small chance of being
caught. Here are several suggestions
to reduce your risk of ID theft:
Social Security Number
1. Guard your Social Security number
2. Do not print your Social Security
Number on your checks.
3. Review your Social Security
Earnings and Benefits Statement annually
and look for employers you didn’t work for.
4. Monitor your credit report. After
applying for anything that requires a
credit report, request that your SSN on
the application be truncated or removed,
and that your original credit report be
shredded after a decision is made.
Internet / Computers
5. Make sure your computer is protected
with Internet security software that is updated
6. Do not download anything from the
Internet that you did not solicit.
7. Shop only on secure websites.
8. Avoid using a debit card when
shopping online.
9. Use a strong password.
10. When possible, choose to have a
second-level password.
11. Never leave your laptop where you
wouldn’t leave your baby….
12. Before donating your computer or cell
phone to a recycling center, completely wipe
out all confidential information. This requires
special software.
Credit Cards
13. Shred anything with personal
information on it. Use a crosscut or microcut
14. Never give your credit card number
or personal information over the phone unless
you initiated the call and trust that company.
15. When you are shopping or dining out,
be aware of how salespeople or waiters handle
your card.
16. Promptly examine the charges on
credit card statements. Keep track of the
billing cycles.
17. Minimize the number of credit cards
you own.
18. Carry extra credit cards or other
Page 20 • Abagnale Fraud Bulletin, Volume 12
identity documents only when needed.
19. Shred the cards on unused credit
card accounts. If you close an account, it may
lower your credit score because of reduced
credit availability.
20. Put a fraud alert tag on your credit
report, which will limit a thief’s ability to open
accounts in your name.
Bank Accounts/Checks/PINS
21. Use high security checks like those
shown on Pages 14 – 16.
22. Do not mail checks from home.
23. When writing manual checks, use the
uni-ball® 207 gel pen.
24. Use a strong PIN and protect it.
26. Be highly suspicious of unsolicited
emails or letters that say you won money.
27. Remove your name from the
marketing lists of the three credit reporting
28. Add your name to the Name Deletion
List of the Direct Marketing Association.
29. Subscribe to Privacy Guard or a
similar service to alert you if your credit history
is being requested.
30. Avoid ATMs that are not connected to
a bank or a reputable business.
31. Protect your incoming mail by picking
it up ASAP. If you will be away for a period of
time, have your mail held at the post office.
32. Keep your purse or wallet in a locked
drawer at work. Find out how the company
protects your personal information, and who
has access to your direct deposit information.
33. Photocopy and retain the contents of
your wallet, both sides of each card.
34. Keep Social Security cards, birth
certificates and passports in a locked box.
35. Read the privacy policies of the
companies with whom you do business. Opt
out of having your information shared.
36. Protect a dead relative. Contact the
credit bureaus and put a “deceased” alert on
the person’s reports.
If It Happens to You:
Even though you may take every
possible precaution, identity theft can
still happen to you. If it does:
• Report the crime to the police
immediately and get a copy of the
police report.
• Keep a record of all conversations
with authorities, lending and financial
institutions, including names, dates, and
time of day.
• Call your credit card issuers
immediately, and follow up with a letter
and the police report.
• Notify your bank immediately.
• Call the fraud units of credit reporting
agencies to place a fraud alert on your
name and SSN.
• Equifax: 1-800-525-6285
• Experian: 1-888-397-3742
• TransUnion: 1-800-680-7289
• Federal Trade Commission:
• Privacy Guard: 1-800-374-8273
• Trace My ID: 1-877-309-6584
• Privacy Rights Clearinghouse:
• Fight Identity Theft:
• Identity Theft Resource Center:
• National White Collar Crime Center:
• Social Security Administration
• U.S. Postal Service: 1-877-876-2455
Corporate Identity Theft
orporate identity theft is the
unauthorized use of a company’s
name and information by
criminals in order to illegally
obtain money, goods, services and other
benefits. Successful prosecution of personal
identity theft has caused criminals to target
companies instead, and the Internet makes it
easy to create a fraudulent business that looks
This new wave of crime can be more
profitable to fraudsters than personal identity
theft, and is expanding rapidly. Dun &
Bradstreet has reported cases of corporate
identity theft in at least 22 states, and the
losses often reach a half-million dollars before
the crime is discovered.
About 10% of all commercial credit losses
are due to corporate identity theft, fraudulent
companies, or similar criminal activities.
When banks or companies evaluate a
business seeking credit, they look for evidence
that a company is who it says it is and that it
has the capacity to conduct its business.
This evidence is called “Proof of Right”
and can be a financial statement, business
address and telephone number, government
license, credit history, etc. Each Proof of Right
that can be verified increases a company’s
legitimacy in the eyes of financial institutions or
other credit-lending organizations.
There are various ways to demonstrate
a fraudulent right of proof, opening up
businesses to corporate identity theft. For
example, criminals can gain access to a
legitimate business identity and then alter
company information, such as registered
agents names and addresses, and use the
falsified information to secure lines of credit
with banks and retailers.
Corporate identity thieves will then often
use that credit to purchase items that could
be bought and exchanged for cash or easily
sold. Once the fraudsters get the desired
money and/or goods, they leave the legitimate
business owners awash in debt, unaware that
a crime has occurred…until creditors begin
demanding payment.
Although no business is immune,
fraudsters often target small and midsize
companies because they have fewer legal and
financial protections than larger corporations.
Churches, family-owned businesses, and even
inactive companies have also been targets of
such fraud.
State governments are actively taking
steps to help protect businesses, as much of
the fraudulent right of proof activity occurs
through criminals accessing government
controlled and regulated information.
However, the biggest challenge is alerting
businesses to this new type of crime and
motivating them to use available protections.
These protections include using better
passwords and dual authentication controls,
and to check their filings regularly.
A balance exists between making it easy
to do business with legitimate corporations and
protecting those corporations from criminal
activity. Businesses that have been duped are
understandably reluctant to make the deception
public, so additional partnerships are needed
between the private and public sectors in
fighting this crime.
Dun & Bradstreet, Bloomberg BusinessWeek, The Council of State
Small Business – Fraud Prevention
mall businesses (fewer than 100
employees) are victimized by
embezzlement more frequently
than larger organizations and suffer
disproportionately larger median losses. They are
far less able to absorb these losses, and many
have gone bankrupt or were severely crippled.
Small businesses typically have fewer
resources than large companies, which often
means they have fewer and less-effective
anti-fraud controls in place, making them
more vulnerable to fraud. An almost complete
lack of controls was the most frequently cited
factor in 45% of embezzlement cases in small
Although some controls require significant
resources and most likely would not provide an
appropriate cost/benefit balance, other anti-fraud
measures can be implemented for a minor cost
and could significantly increase the ability to
prevent and detect fraud. These controls include
a code of conduct, anti-fraud training programs
and formal management review of controls
and processes. Also, check tampering in small
businesses was three times more likely than in
large organizations, and could be thwarted with
high security checks. See Pages 4, 5, 14 – 17.
Shredding Documents
Books authored by Frank W. Abagnale
Available online at or from local booksellers
Catch Me If You Can is also available on DVD
Shred anything with your personal
information on it before throwing it away.
It is best to use a crosscut or a microcut
shredder. A crosscut shredder will cut
the paper into tiny squares. A microcut shredder will turn the papers into
confetti. Paper that has been shredded
with a straight shredder can be pieced
back together, and criminals will have
your personal information. Crosscut and
microcut shredders can be found at most
major office supply stores.
Page 21 • Abagnale Fraud Bulletin, Volume 12
Frank W. Abagnale
Frank W. Abagnale is one of the world’s most respected authorities on the subjects of forgery,
embezzlement and secure documents. For over 35 years he has lectured to and consulted with
hundreds of financial institutions, corporations and government agencies around the world.
Mr. Abagnale has been associated with the Federal Bureau of Investigation for over 30
years. He lectures extensively at the FBI Academy and for the field offices of the FBI. More
than 14,000 financial institutions, corporations and law enforcement agencies use his fraud
prevention materials. In 1998, he was selected as a distinguished member of “Pinnacle 400”
by CNN Financial News. He is also the author and subject of Catch Me If You Can, a Steven
Spielberg movie that starred Tom Hanks and Leonardo DiCaprio.
Mr. Abagnale believes that the punishment for fraud and the recovery of stolen funds
are so rare, prevention is the only viable course of action.
The Check Fraud Prevention Specialists
S originated in 1994 as a division of a Southern California business bank
battling an epidemic of check fraud. Over a three-year period, altered and counterfeit
checks increased from $90,000 to over $3,000,000. Many of these checks were perfect
replicas of its clients’ authentic checks.
To stem this epidemic, Greg Litster, then Senior Vice President and head of the bank’s
Financial Services Division, retained fraud consultant Frank Abagnale, the world’s
foremost authority on check fraud prevention. At the bank’s request, Mr. Abagnale
designed SAFEChecks – America’s first truly affordable high security check designed
for organizations of any size, including small and medium-sized companies. The bank
strongly encouraged its clients to use these new checks, and over the next three years,
check fraud attempts fell to $126,000, a drop of 95%.
Mr. Litster acquired the SAFEChecks operation from the bank in 1996, and is its President and CEO. SAFEChecks has
continued to be a pioneer in check fraud prevention, and has clients of every type and size throughout the United States
and Canada. Because of SAFEChecks’ extensive security features and unique Secure Ordering Procedures, our checks
have never been replicated, nor has a check manufactured by SAFEChecks ever been used in a check fraud scam.
SAFEChecks offers high security business and personal checks, and secure check writing software that includes
Positive Pay and ACH functionality. In addition, Mr. Litster provides fraud prevention educational seminars, consulting
services, and expert witness services.
SAFEChecks “The Check Fraud Prevention Specialists” understands the serious nature and magnitude of check fraud.
Because of SAFEChecks’ unique foundation in banking, we know the various methods criminals use to commit payment
fraud. SAFEChecks has designed specific protocols and security features to thwart these fraud attempts. While no product,
policy, or program can provide 100% protection, SAFEChecks helps organizations and individuals build the strongest possible
defense against check fraud.
The Check Fraud Prevention Specialists
(800) 755-2265
8934 Eton Avenue
Canoga Park, CA 91304
(800) 755-2265
Fax (800) 615-2265
[email protected]
This brochure is provided for informational purposes only. SAFEChecks and the author, Frank W. Abagnale, assume no responsibility or liability for
the specific applicability of the information provided. If you have legal questions regarding the enclosed material, please consult an attorney.
Mr. Abagnale has no financial interest in SAFEChecks.
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF