Old-fashioned check fraud has become a rising, costly problem for financial institutions.
When $154 billion Regions Financial Corp. reported its third quarter 2023 earnings on Oct. 20, executives revealed the firm had experienced $53 million in check fraud losses during the quarter, on the heels of $82 million in losses reported the previous quarter. The bank projected fraud losses to normalize around $25 million in the fourth quarter and through 2024.
“Fraud has increased dramatically in the industry,” Chief Financial Officer David Turner told analysts during the Birmingham, Alabama-based company’s recent earnings call. Due to the time it takes for an issuing bank to discover the fraud, he noted that it generally takes Regions “about 50 to 60 days” to learn that it has accepted a bad check.
In an email to Bank Director, Regions declined to share further details about the check-related fraud schemes it experienced over the past two quarters. “Fraud prevention is a 24/7 focus at Regions. We continue to invest in talent resources, technology and automation to combat these spikes seen in the industry,” a spokeswoman said. “As we have taken several counter-measures to help fight this, we were pleased to report Friday [that] the volume of new fraud claims [had] slowed.”
While Regions reported some eye-popping numbers, smaller financial institutions have also been affected by the problem. The overall check volume of check payments has declined, dropping 7.2% a year between 2018 and 2021, according to the 2022 Federal Reserve Payments Study; meanwhile, check fraud has skyrocketed. The Financial Crimes Enforcement Network (FinCEN) reported in February that suspicious activity reports involving fraudulent checks totaled over 680,000 in 2022, almost double from the prior year. And in 2021, suspicious activity reports concerning fraudulent checks totaled 350,000, a 23% increase from 2020.
Check fraud cost banks approximately $6 per check processed in 2022, according to a recent estimate from SouthState Bank’s correspondent division.
The $16 billion ServisFirst Bancshares, also in Birmingham, has seen a jump in check fraud in recent years, says Chief Operating Officer Rodney Rushing. The bank has struggled particularly in getting reimbursed by larger banks that accept fraudulent or washed checks drawn on ServisFirst, he adds.
“One of the money center banks or one of the super regional banks may have 30 [fraudulent] checks with us, and we provide copies of all the documentation, and we have outside counsel send that to them,” Rushing says.
There are several types of check fraud, and the nature of a specific scheme determines which bank is ultimately responsible for the financial loss incurred. When a check has been altered, the bank of first deposit — that is, the one that accepted the washed check — is ultimately responsible. If a check has been forged, then the originating bank is responsible.
For some community banks, getting reimbursed by larger banks that accept their washed or altered checks has added an extra headache. “That has been somewhat of an issue — getting timely reimbursement. It’s something we’re still working on,” Rushing says.
A few underlying causes have fueled the rise of check fraud in recent years. Mail theft surged with the Covid-19 pandemic. Stimulus checks sent via the mail provided a convenient target; at the same time, the U.S. Postal Service limited the policing duties of postal inspectors. Oftentimes, thieves will obtain an arrow key — a universal key used to access mailboxes in an apartment building, for instance — off a postal carrier during an armed robbery so they can steal greater quantities of mail.
Criminals have also become more sophisticated at washing and copying stolen checks.
Fraudsters frequently open dummy accounts at large financial institutions and use remote deposit capture to deposit washed checks, in order to avoid interacting with a teller. They also take advantage of the lag between the time a check is deposited at one institution and when it’s discovered as fraud at the originating institution.
“It’s no longer somebody stealing the birthday check from grandma out of her individual mailbox on her suburban street. It’s on such a wider scale,” says Sam Truitt, senior analyst, financial crimes with Jack Henry. “Especially when people are ordering checkbooks. If I steal that out of your mailbox, I have legitimate checks.”
To gauge the impact of this growing risk, directors should first get a handle on the scope of the problem at their own organization. Start by asking management about check fraud losses at your bank and how those compare with prior years. Also ask for detailed information, including the specific type of check fraud that’s happening and where it’s occurring. Are the majority of those fraudulent checks deposited with one or two particular institutions, for example?
“If a bank hasn’t looked at their fraud losses, it is one of those things that can just slip up and shock you,” ServisFirst’s Rushing says.
The board could also ask about the types of technology and controls the bank is using to detect check fraud, although Truitt cautions that “we aren’t seeing huge innovation in check detection at all.” Still, it’s worth asking about the kinds of information sharing practices your bank may be engaging in, and whether bankers are using consortium data to analyze and understand broader patterns across the industry. The 2001 USA PATRIOT Act allows financial institutions to engage in this kind of information sharing under section 314(b), Truitt says. FinCEN encourages the practice.
Finally, directors should understand the organizational structure used to process checks. For example, is there a way the bank can break down silos between deposit operations and fraud prevention so the two groups can work together more regularly and seamlessly?
“The most important thing for the board of directors to know is that it’s not going to go away,” Truitt says. “And what’s happening with checks right now isn’t unique to only checks. This will happen to any payment method; it’ll just resurge over time.”