Foodman CPAs and Advisors

Back on February 27, 2023, FinCEN issued (in close collaboration with the United States Postal Inspection Service) an Alert on Nationwide Surge in Mail Theft-Related Check Fraud Schemes Targeting the U.S. Mail.  Then, on 9/9/24, FinCEN issued a Financial Trend Analysis related to  mail theft-check fraud incidents based on Bank Secrecy Act (BSA) data filed in the six months following FinCEN’s issuance of its 2/27/23 alert on this same topic. Mail theft-check fraud is a nationwide problem affecting financial institutions branches in all fifty states, Washington, D.C., and Puerto Rico.

FinCEN’s Trend Analysis reports that since the issuance of the Alert in 2023:

  • 841 Financial Institutions have submitted 15,417 BSA reports on mail theft-check fraud amounting to $688 million in suspicious activity committed by perpetrators.
  • This information is pertinent to consumers, business and industries as mail theft-check fraud losses have an impact on personal savings, checking accounts, business accounts, brokerage accounts, retirement savings, and negatively impact financial institutions that cover check fraud losses.

Know that Perpetrators:

  • Committing mail theft-check fraud targets the U.S. Mail in order to steal personal checks, business checks, tax refund checks, and checks related to government assistance programs, such as Social Security payments and unemployment benefits.
  • Steal all types of checks in the U.S. Mail as part of a mail theft scheme, but business checks may be more valuable because business accounts are often well-funded and it may take longer for the victim to notice the fraud.

Extracts of FinCEN’s Key Findings reported in the Financial Trend Analysis

  • FinCEN identified three primary outcomes from perpetrators after stealing checks from the U.S. Mail: (1) altering and depositing the checks, (2) using the stolen checks to create counterfeit checks, and (3) fraudulently signing and depositing the checks.
  • The methodologies that criminals use to perpetrate these outcomes can range from unsophisticated to highly organized and complex, often involving the use of advanced counterfeit check technology and chemicals that can remove ink from stolen checks.
  • Banks Filed 88 percent of All Mail Theft-Check Fraud Reports: The largest banks (by asset totals) in the United States submitted 44 percent of the bank filings in the review period. Small to-medium size banks filed a majority of BSA reports on mail theft-related check fraud.
  • Checks are Most Frequently Altered and then Deposited After They are Stolen from the Mail. Criminals most frequently alter and then negotiate stolen checks, according to BSA reporting. Their second most frequent use of stolen checks was creating counterfeit checks—where a stolen check is used as a template to produce counterfeits. And the third most common outcome was perpetrators fraudulently signing and depositing checks. Altered checks accounted for approximately 44 percent of the BSA reports, counterfeit accounted for 26 percent, and fraudulently signed checks were 20 percent, according to manual review of BSA reports.
  • The level of sophistication of the check fraud depends on the perpetrator’s technological capabilities. Effective alterations and counterfeit checks require some knowledge of the technology and chemicals used to wash checks.
  • Many perpetrators utilized methods that avoid human contact, including check deposits via remote deposit capture (RDC) or at automated teller machines (ATMs) and opening accounts online rather than in person.

All parties affected by check fraud (consumers, business, and industries) ought to learn the methodologies identified after a check is stolen from the mail in order to mitigate risk 

The Financial Trend Analysis Report breaks down the methodologies by level of sophistication. Here are the extracts:

Unsophisticated Methodologies

  • Fraudulently endorsing a check without modifying any information on the check: This involved someone signing their name on the back of a stolen check and attempting to deposit it.
  • Altering the payee or dollar amount without washing the check: Some perpetrators crossed out the payee and added their own name or changed certain letters or numbers to change the payee and/or amount. Others used white out to alter the information.
  • Third-party payments with no check modifications: Instead of modifying a check, criminals attempted making it appear as though the intended payee signed it over to them and attempted negotiating the check.

Moderately Sophisticated Methodologies

  • Check washing: Perpetrators wash check information using available chemicals to remove original ink and replace it with new information.
  • Selling information from a stolen check online: Some criminals attempted monetizing the check beyond its original amount by selling the check on dark web marketplaces or online forums, according to BSA reports and open-source research.
  • Using compromised check information to create counterfeit checks: Criminals took stolen checks and used them as a framework to create counterfeit checks with the victim’s banking information. Some criminals used more sophisticated technology to make high-quality counterfeit checks.
  • Stealing newly ordered checks from the mail: Some criminals stole newly ordered blank checks from the mail, forged the rightful account holder’s signature, and then issued the checks to themselves or others.

Sophisticated Methodologies

  • New account fraud: New account fraud involved criminals opening new accounts, typically online, specifically designed to negotiate stolen checks. This most frequently occurred when stolen checks were made out to businesses. Some criminals opened accounts either in the name of the payee or a name that is identical. The company that opened the account may not actually exist and may use a fraudulent address during the account opening process. Perpetrators may open these accounts using compromised identifying information or synthetic IDs comprising of information from several people.
  • Mail theft-related check fraud as part of a larger scam, mostly romance and employment scams: In these cases, scammers engaged victims in a scam and convinced them to negotiate a check and then send the funds elsewhere, using the victims as money mules to move stolen funds.
  • Insider involvement: Sophisticated operations have enlisted insider assistance at financial institutions or the USPS. In one case, federal prosecutors charged a USPS employee with stealing more than $1.6 million in checks from the U.S. mail, altering the checks, and depositing them into his own account.

Financial Institutions need to follow their BSA requirements

“A financial institution is required to file a SAR if it knows, suspects, or has reason to suspect a transaction conducted or attempted by, at, or through the financial institution involves funds derived from illegal activity; is intended or conducted to disguise funds derived from illegal activity; is designed to evade regulations promulgated under the BSA; lacks a business or apparent lawful purpose; or involves the use of the financial institution to facilitate criminal activity.”

Managing fraud risk proactively is imperative.

Who is your Corporate Governance Expert? ©