To impress upon an interviewer just how necessary it is to maintain vigilance against check fraud, Frank San Pedro borrows a line from Jules Verne's From Here to the Moon, a book he read as a teenager.
"Jules Verne says that there is a perennial contest between those who build the fortifications and those who build the cannon," San Pedro says. "Fraud is by and about professionals who want to hurt you with stronger cannon. We need stronger walls."
San Pedro is first vice president at Imperial Bank and the bank's manager of safety and security administration, and he says he wants more defenses. So far, though, it appears that the Inglewood, CA-based bank, which has $7 billion in assets, has done a reasonably good job at blocking check fraud.
But San Pedro says that is not good enough. Never mind that the financial institution does a solid job of screening out wise guys, counterfeiters, phony-check writers and an odious assortment of thieves when enrolling new customers. And its tellers and platform people are good at matching signatures and are staying alert for suspicious activity. Moreover, the bank employs an array of fairly sophisticated, high-technology anti-fraud tools.
Indeed, with the combination of old-fashioned "smell test" and computer-based tools, the bank has in the last year blocked two schemes that would have dented its coffers for nearly $10 million in losses. In one case involving a pair of confidence men--who, San Pedro says, were trying to cash a stolen State of California warrant for $9.8 million--the bank simply called Sacramento to inquire about the document. Bank officials subsequently learned that a stop-payment order had been issued and dodged a multi-million dollar bullet.
Another good prevention tool for Imperial has been "Positive Pay," a program under which banks maintain a daily electronic manifest of all checks issued by a customer and compare it with the check presented for payment. Should there be the slightest discrepancy in check number or payment amount, Positive Pay automatically denies payment.
It was this technology, San Pedro says, that recently spotted a woman who--masquerading under the guise of an actual business customer at Imperial, a medical supply company--attempted to deposit three forged checks drawn on the California bank. "Somehow," San Pedro says, "she cloned one of our customers' accounts."
The checks, two of which were deposited at bank branches of First Union Bank in Georgia and a third at a North Carolina branch, totaled $125,000. Using Positive Pay, however, Imperial was able to issue a stop payment order almost immediately. San Pedro says he telephoned his counterparts at First Union within 24 hours of presentation to notify them that the check was a fake.
The bank has also had good success at monitoring for check fraud by using "random selection" techniques. With this technology, an algorithmic program is written into the check-processing software to select random checks for review. "This is fairly standard in the industry," San Pedro acknowledges.
The bank security chief intends to do even more. To stay on the safe side, the bank is on a buying spree, adding the latest in high-tech, anti-fraud defenses. San Pedro cites a Spanish saying: "Cuando veas las barbas de tu vecino arder pon las tullas endre remojo." (When you see your neighbor's beard on fire, it's time to soak your own in water.)
With the bad guys aiming powerful cannon at Imperial's fortifications--while presumably trying to ignite his facial hair, as well--San Pedro is just one of the thousands of security-minded bankers in the U.S. who are searching for more sophisticated solutions to fraud prevention. And a booming industry is ready to accommodate, churning out the latest technology promising to, if not stop check fraud and other white collar crime, at least blunt its impact.
While they might not feel the bankers' pain, drummers of anti-fraud tools anticipate their clients' needs. "Criminals study the banks," warns Wendy Johnson, national sales manager at Carreker Corp., a Dallas software company that vends tailor-made security equipment. "They know the policies at the individual banks and they customize their fraud schemes. They are very smart."
The threat is palpable: Despite the hullabaloo about Internet banking and promises of a "checkless society," there are 70 billion checks written in the U.S. each year and fraud losses continue to rise.
The American Bankers Association estimates that actual losses from check fraud alone amounted to $679 million in 1999, up almost 33% from the $512 million estimated to have occurred in 1997 and outpacing the 12% rate of deposit growth between the comparative periods. When banks add up the amount of check-related fraud actually committed with the $1.5 billion it prevented, total fraud "perpetrated" against banks totaled $2.2 billion last year. That's about double the 1997 amount.
"If anyone thinks fraud is going away, they're wrong," says John C. Askew, a senior consultant at Pratt & Associates and a longtime fraud expert formerly with Wachovia Bank. Askew's comments are based on hard numbers contained in the ABA's "Deposit Account Fraud Survey 2000," issued just this month. While 100% of the large banks and 92% of the mid-sized banks reported experiencing check fraud, the most noticeable increases occurred among regional and community banks.
Check-related fraud losses actually diminished slightly at large banks. Says Askew: "As larger banks put in filters and controls, it's going to banks that haven't experienced it before."
Some 67% of community banks reported check fraud last year, compared with 48% in 1997. The greatest spurt in check-related losses was seen at regional banks, where losses grew 27%, compared with a 15% industry average.
For many bankers, combating check kiting, stolen and forged checks, and similar scams is becoming a top priority.
Carreker Corp., whose systems Imperial Bank's San Pedro is purchasing, is just one of several vendors specializing in anti-fraud products. Carreker boasts that 19 of the country's 20 largest banks avail themselves of its products. It reports that it protects $1.9 trillion in deposits for 65 U.S. banks, collecting data on 40,000 documented cases of fraud.
Its "FraudLink" tools include mainframe-based detection systems, which can be programmed to spot checks that could pose problems. At the teller's station or in the back office, the computer program probes for--among other things--duplicate checks, checks with "out-of-range" serial numbers, checks for unusually high amounts, and accounts that have a sudden, rapid growth in transactions.
"We analyze every check that clears the bank against the history of the account-holder," says Johnson. "We can compare [the account holder's] behavior against a set of rules designed to detect criminal behavior and figure whether the transaction has broken the rules."
Carreker also offers a product that ferrets out potential deposit fraud by identifying unusual deposit activity. Still another computer program acts as a defense against check kiting by automatically subjecting accounts to routine scrutiny, screening out aberrant activity; this helps winnow down the extraordinarily high number of transactions--some banks clear five million checks a night, Johnson notes Carreker's--into a manageable few worth a second look.
An epidemic of counterfeit checks, is perhaps the most prevalent illegal practice bankers say they are contending with these days.
Typically, says Joseph Brannan, a senior vice president at BB&T Corp., this takes the form of a couple of guys working out of a van who induce a factory worker to lend them a payroll check for just a couple of minutes. That is all it takes to scan the document and replicate it. In return for $50 or $100, professional thieves now have the capability to flood an area quickly with fabricated paychecks drawn on a good account with plenty of money in it before skipping town.
Such scanning techniques are equally workable with schemes involving government refund checks, stolen or borrowed personal checks and even refund checks received from a credit card company for an overpayment. Once in the possession of such a check, it is almost child's play for thieves to reproduce counterfeit checks "that often look better than the real thing," notes Carreker's Johnson. "Technology has created a real problem," she adds. "People don't waste their time sticking up banks any more."
While prevention software is by no means fail-safe, can prove especially beneficial when used in combination with other technologies, asserts Bruce Bett, senior vice president at Wachovia Bank in Atlanta.
Here's how it works: A bank employs what Brett calls "brute account filters" that automatically call attention to every deposit of a certain amount--$10,000 at a smaller bank, say, but as much as $100,000 at a very large bank, "depending on the customer base."
"Meshed together with image technology" from IBM and NCR, he adds, the pinpointed transaction can be instantly analyzed when a likeness of the check is made available on a computer screen for intense scrutiny.
Products like Carreker's do not come cheap, however. Up-front costs, even for a small bank, entail ponying up a hundred thousand dollars or more, although the company and banks are purposely vague and unwilling to provide hard numbers. But with community and regional banks coming under greater pressure from crooks, many may have to take a second look.
"It's difficult to show a return on investment in fraud," says Imperial's San Pedro. He notes, however, that two years could go by without any sign of difficulty when, seemingly out of the blue, an account holder who had been very regularly and very patiently depositing $100 every week suddenly drops in a check for $20,000--just the first tranche of a kiting scheme.
At Central Carolina Bank in Raleigh, vice president Paula Veasey says that the company calculates that it made back the money spent on software programs within the first six months of installation, but she declined to provide actual figures.
Formed in 1995, Primary Payment Systems, which prides itself as being "bank-owned and bank-directed," is another high-technology company proffering anti-fraud solutions which is experiencing rapid growth. It keeps tabs on the status of 134 million demand deposit accounts at 35 U.S. bank holding companies (accounting for 168 financial institutions) and by the end of next year expects to have 200 million checking accounts under its umbrella.
Among its 15 owners are Bank of America, BB&T, Wells Fargo, Citigroup, Bank One and First Security. The company's main selling point is that its risk management tools give participants the ability to verify the status of those 134 million checking accounts every day, giving it about 80% market share on the West Coast, a powerful reach. In the past 12 months, PPS claimed in September, its advance notifications have prevented "hard dollar losses" of more than $125 million. "That has the bottom-line impact equivalent of writing $80 million in loans," asserts Mary Anne Keegan, vice president of marketing.
The Scottsdale, AZ-based company is now in the midst of an aggressive sales and marketing campaign aimed at preventing hot checks written to credit card issuers and remittance operations. In addition to warning them about potentially fraudulent checks, PPS can supply daily updates on returned-item and stop-payment information.
Stephen Kopiec, senior vice president at PPS, says that several months ago, one bank using its software program saved itself $400,000 when it discovered that a check was written against a closed account. "The bank caught it," he says. "They knew it [was a bad check] the morning after the deposit."
Another that is making gains in the U.S. market is the Canadian company, ACL Systems, which lists Bank One, Bank of America and Wells Fargo among its clients and has a different market niche. Its aim is to provide data analysis tools for auditors and protect against an array of bank fraud, particularly check kiting and insider schemes, such as manipulating inactive accounts, which can result in embezzlement.
Among other things, its programs can list bank balances according to branch, select samples of new and closed accounts for detailed auditing, and test and report on accounts with continual overdrafts, dormant activity, or the like. Aside from price--the closely held, Vancouver-based company reports that its main product costs under $1,995--incredible, dazzling speed is a major selling point. "If you're looking through a million records to find a duplicate transaction," says Bernard Mott, sales manager for North America, "it's a question of minutes as opposed to days or hours using other companies' products."
It doesn't hurt to have a variety of prevention tools in place. So it is no surprise that most banks appear to use the products of several vendors. Meantime, security experts say that a vigilant, savvy, well-trained staff is an absolute prerequisite if fraud is to be curtailed.
Indeed, once a software program alerts a banker to a questionable transaction, it is up to humans not to drop the ball. Richard C. Ercole, president of the treasury management division at Imperial Bank, says that when he was at another bank, a colleague once authorized a bad check for $10,000 after recognizing the name of the issuer as a bank customer. It was a forgery, and a little old fashioned common sense would have saved the day.
"Some bankers are afraid to call up a customer," Ercole says. "But after the software outsorts the check, one of the best things you can do is call up a customer on the phone."