Check Fraud Prevention with Positive Pay

Our software is a somewhat contained world. Inside of it, we have a fair amount of control. This allows us to build audits, edit-checks, and other mechanisms in to protect the integrity of our data. When information comes in from the outside, we have the opportunity to vett it before allowing it in. And that's great for catching in-house malfeasance.

None of that protects us from others changing our checks after they have left our control. None of it prevents someone sitting half a world away from creating fake checks with our company name on them. This is where the concept of "Positive Pay" comes in, and banks are starting to push business into using it.

What is Positive Pay?

Positive pay is a cash management service provided by banks to help them catch check fraud. They use positive pay to match the checks written by the company with those that are presented for payment. If they don't match, then the check is considered fraudulent, and will not clear.

Positive Pay vs ACH/EFT?

Positive Pay is not to be confused with the term 'ACH' or 'EFT'. Although both entities generate check information and submit it to the bank, Positive Pay is only used as a form of check verification. It does not create an actual payment to the bank.

How does it work?

When a company issues checks, it sends a list off them to the bank. The information transmitted includes the check number, date, and dollar amount. In some cases, the payee may also be included on the list. This prevents anyone from altering the name of the recipient. As checks are presented to the bank, it compares each check with information on file.

If the information does not match, the bank notifies the customer through an exception report. They withhold payment until the issuing company advises the bank to accept or reject the check. The bank can flag the check, notify a representative at the company, and seek permission to clear the check. If the company finds an error or other minor problem, they can advise the bank to clear the check.

The Drawbacks?

Realize that there is generally a charge incurred for using the positive pay system, although some banks now offer the service for free. False positives - your company sends an incomplete file or forgets to send any file - might incur additional charges.

There are no standard for the Positive Pay file format or submission. Looking at five different banks, I have not have found four different formats. And the submission practices are all different. Some even require a user to physically log into a website and submit the file that way. Others permit automation-friendly methods like sftp.

Depending on the what the bank requires, positive pay may or may not verify the payee information, which means that check fraud can still happen as long as the check number and dollar amount don't change.

Reverse Positive-Pay?

Reverse positive pay is similar, but… in reverse. The company still gets a chance to verify the check number, amount, and sometimes payee, but instead of providing the information ahead of time, the company has to review lists sent by the bank.

File Formats

Like I said earlier, different banks use different formats. Most file use fixed-length formats. This usually means that you a normal accountant or controller can't just export a report into Excel and be done with it. It requires an export tool or program of some kind.

The example in Figures 1 and 2 is for KeyBank.

000000000012345671000023476201606290000168812  M DOUGLAS HURLEY LINDA HURLEY
000000000012345671000023477201606140006894573  SENEGA MCCANN
000000000012345671000023478201606150000069500  Invoice 3456 BRISBANS, MILDRED SERVICE COORDINATOR

Figure 1

Begin	End	Description	Format
1	2	Region Code	"00"
3	17	Account Number	Zero-filled, Right Justified
18	27	Check Numbers	Zero-filled, Right Justified
28	35	Date	YYYYMMDD
36	45	Amount	Zero-Filled, Right Justified, not decimal
46	46	Void Flag	'C' if void, ' ' if check
47	61	User Data	Space Filled
62	136	Payee Line 1	Capitalized, Space Filled
137	211	Payee Line 2	Capitalized, Space Filled
212	220	Filler	Space Filled

Figure 2

Wells Fargo on the other hand, used a file format that includes a header and a footer as seen in Figures 3 and 4.

*03123450000005050858010 
000015279710120700336980793200000013633Lizzie McGuire J 
000015279810120700336980793200000013384Miranda Sanchez
&              00002  0000027017   

Figure 3

Begin	End	Description	Format
1	3	*03	"*03"
4	8	Back ID	Zero-Filled, Right Justified
9	23	Account Number	Zero-Filled, Right Justified
24	24	0	"0"
Details
0	10	Check Number	Zero-Filled, Right Justified
11	16	Date	MMDDYY
17	26	Account Number	Zero-Filled, Right Justified
27	29	Transmission Code	"320" - check, "430" - Void
30	39	Amount	Zero-Filled, Right Justified
40	79	Payee	Space Filled
80	80	Filter	Space Filled
1	1	&	"&"
2	15	Filler	Space Filled
16	20	Detail Count	Zero-Filled, Right Justified
21	23	Filler	Space Filled
24	33	Total Amount	Zero-Filled, Right Justified
34	80	Filler	Space Filled

Figure 4

Final Thoughts

Positive Pay is a feature that should exist in most business systems. Implementing Positive Pay takes a little bit of effort, but since banks are starting to pushing companies into this, it is a good time to update our accounting software with these features.