The Digital Detective, Banking part 2

Continued from last week, where we explained the basics of kiting and how banks work…

The Crumpled Kite

As mentioned earlier, kiting isn’t as common as it used to be, partly because of stiff penalties, but also because the time it takes to clear a check with another bank has shrunk from many days– sometimes a couple of weeks– to just a day or two. But when I consulted, I witnessed a kiting scheme that could have fooled financial institutions and their computers almost indefinitely.

A bank in Virginia’s Shenandoah Valley decided to invest its excess computer resources in software development and I contracted as their consultant. It was an odd relationship because they feared me as if they’d hired a gunslinger to guard the vault.

One evening I idled, waiting for computer time; in fact, I was waiting for a new guy to finish the night’s reconciliation run. As I sat tapping my fingers, he called the lead operator over and pointed out a worn, battered check. The lead glanced and dismissed it, saying “Just stick it in an envelope, imprint it, and run it through again.”

“But…” said the new guy hesitantly, aware the lead seemed annoyed he didn’t jump to it. “But, we can’t. I mean, it arrived in a carrier envelope and look, it’s not our routing number. And it's really old.”

Curious, I wandered over and the operations supervisor stepped in, obviously impatient at the delay. He read the check, stared at it, lips moving as he re-read the numbers. He ran his thumb under the date, several months old. Puzzled, he picked up the phone and beeped the operations manager.

It was still early evening when the manager strolled in. He looked at the check and made a phone call. When he hung up, he shrugged and turned to the supervisor, “No matter, we’ll find out in the morning what’s going on.”

But by now, the worn check had captured my curiosity and that of my colleagues. Three of us sat down to figure it out. We discovered a scam, and this is how it worked.

The Endless Kite

From a common check supply company, our schemer bought checks printed with Frugal Savings & Loan’s name, address, and logo, but with Penury Bank’s routing number. He waltzed into a bank other than Frugal Savings & Loan, cashed his check, and departed without a care in the world.

That evening during the check run, the machine sorted his check into a tray to be delivered to the clearing house. From there on out, the following cycle endlessly repeated:

1. The check arrives at the clearing house. Its routing number routes the check to Penury Bank & Trust.
2. During the check run at Penury, the computer accepts the routing number but doesn’t recognize the check’s bogus account number and kicks it into the rejects pocket.
3. A Penury operator plucks it out of the rejects pocket, notices it bears a Frugal Savings & Loan logo and address on it, and either manually packages it to send directly to Frugal S&L or bundles it to send back to the central clearing house for forwarding to Frugal. Either way, the check winds up at Frugal Savings & Loan.
4. At Frugal, the MICR reader sees another bank’s routing number, knows that’s wrong, and kicks the check into the rejects pocket. It goes back to the clearing house to repeat the cycle again.

Meanwhile, the bank that cashed the check hasn’t received their money, but neither has the check been denied.

The Kite that Crashed

The cycle eventually broke because constant transit nearly wore out the check and an inexperienced operator questioned why a draft on his bank contained an unfamiliar routing number.

We don’t know how many experienced operators routinely handled the check, seeing the bank name and logo and not the routing number, just as their computers saw the routing number and not the bank name.

Banks (at least at that time) did not have a standardized way of handling a check that forever floated but never cleared. In many cases, the bank software simply left the deposit unresolved with neither the funds transferred nor reserved– it simply stayed on the books, so to speak. In banks that impose holds, their programs might be written to release the hold after a number of days if the check isn’t returned, even if the funds aren’t actually received.

I speculate the scheme might have been harder to detect if non-magnetic digits had been printed over ‘invisible’ MICR ink. In other words, the pigment in MICR ink is for the convenience of people. The computer itself doesn’t use optical recognition (OCR) but senses the microscopic particles in the numbers.

No one’s immune to bunco, not even banks.

The Digital Detective, Banking part 1

Banking on Naïveté

Readers and writers may be aware of many internet ploys attributed to Nigerians and occasionally Russians. One of the first I saw came in an eMail and read something like:

Hello, my name is Renaldo. I’m a Ukraine artist and I sell my works all over the world. Some customers want to pay by cheque or money order, which is expensive and difficult to cash here. I will pay you 10% if you can cash cheques and wire me 90%. Please?

Consider three possibilities:

1. It’s barely possible although unlikely the request is legitimate.
2. It’s a money laundering scheme.
3. It’s an outright scam to grab your money.

In the third outcome, the schemers arrange to have a number of checks sent, which you cash and forward the proceeds. Eventually you receive a large money order or draft drawn on a major bank. Your bank likes it, cashes it, and gives you the money, whereupon you forward 90%.

Two or three weeks later, your now angry banker calls you, demanding restitution for a bad money order. The forgery was so good, it not only fooled you, it fooled them, but by now the money’s in Asia or Africa and you’re stuck, having to repay your bank several thousand dollars.

This works in a similar way to an eBay / Craig’s List scam. You advertise an item for sale and the bid closes at $150. To your surprise, you receive a money order for $1500 followed by a panicky eMail, wherein the buyer claims their bank or post office made a typo and added an extra zero. Instead of returning the check, they say they trust your honesty and since they need the item you’re selling, they suggest you cash the money order and return the excess along with the item you sold.

All goes well until your bank belatedly discovers the money order is fraudulent. Not only is your precious item long gone, but you must repay your bank.

During the next few weeks, I’m going to write about bank and brokerage fraud.

How to Fly a Kite

Kiting was once a commonplace fraud where the perpetrator opens accounts in at least two separate banks, neither of which places a hold on checks. Indeed, kiting exploits the hold greedy banks place on checks, holds where they use your money for free. High-speed electronic banking and stiff penalties have made the crime less common now because many checks can be instantaneously verified.

Here is how traditional kiting works: Our perpetrator, whom we'll call James Whitcomb Wiley III of Beaver Meadows, Indiana (no relation to the real James Whitcomb Wiley III of Beaver Meadows, Indiana) establishes accounts at Frugal Savings & Loan and Penury Bank & Trust, with no money to speak of in either account. Still, our man Wiley wants $1000.

He goes to Frugal S&L and withdraws $1000, covering it with a simultaneous deposit of a check for $1000 drawn upon his Penury Bank account. He’s just kited his first check. An honest person would scurry over to Penury and deposit funds there before the flaky check arrives, but not Wiley.

Wiley intends to live in Beaver Meadows for a while, but his prospects of earning $1000 to reimburse Penury Bank remain elusive. So he writes a check drawn on Frugal S&L to deposit in Penury Bank– whereupon he kites his second check, and now Penury is waiting for Frugal's check to clear. Before the empty account can be discovered, he deposits a fresh but worthless Penury check into Frugal, and continues the cycle.

Theoretically, a diligent fraudster could continue this a long time. In times past, people have pulled it off for weeks, even months. However, such schemes are subject to human error and unforeseen events that eventually expose the kite and bring the party to a halt. Meanwhile, Mr. Wiley has probably moved on to another state, possibly opening an account with a check drawn upon Penury Bank & Trust.

A Bank's Back Office

At the bottom of your checks is a row of numbers and hyphens printed in a distinctive 'MICR' type style using special magnetic ink.

You’ll notice at least two groups of numbers. One group you’ll recognize as your account number. The group before it contains nine digits, which represents the bank’s routing number, unique to each institution. You may also find the check number and, after it’s returned from the bank, possibly the amount of the check, which it’s wise to verify.

Banks don’t require customers to use checks they provide, indeed, as the story ‘Swamped’ pointed out, you can write out a check on anything, even a paper napkin. Many people buy checks from a paper supplier, like those that advertise in the local ad sheets.

At the end of a business day, banks gather checks and deposits made during the day and checks received from federal clearing houses, which they feed through a MICR device. MICR (pronounced my’cur) stands for magnetic ink character recognition and the machine, a magnetic ink character reader, reads those numbers from checks and deposits slips into the computer.

Occasionally checks jam or the machine fails to read the numbers. An operator may glue a strip at the bottom or place the check in a glassine envelope and manually key the numbers with a MICR imprinter. If the clearing house sends a check to the wrong bank, it will be kicked out and sent back to be routed to the correct one. Experienced operators are used to this and handle flaws and flubs as a matter of course.

Here I've built background for next week, where I'll reveal the Endless Kite.

The Wild West Continues

     For those of you who believe that fly-over country is the last bastion of American family values, boy, do you have a lot to learn.  South Dakota is ranked 49^th in the nation for government honesty; i.e., it's 2nd in the nation for government corruption.  Only Georgia is worse.   

http://www.iwatchnews.org/2012/03/19/8423/grading-nation-how-accountable-your-state

We get an “F” in everything from political financing to state budget process (always manufactured late the night before the legislature goes home) to ethics enforcement to…  it just goes on and on.  Basically, no accountability, no transparency, and no public access.  It’s the wild west, but with less gunfire. 

     And they get away with it for two main reasons:  
(1) this is a nice state, full of nice people, who would never do anything wrong; and 
(2) this is a nice state, full of nice people, who would never be so impolite as to raise a ruckus no matter what.  
A lot of people blame the Norwegian Lutheran Syndrome (there are whole books on this subject, not to mention Garrison Keillor), but people up here avoid conflict as if it were an unsedated colonoscopy.  The result is…   

      We get a lot of interesting businesses.  The national credit card industry, for example, is based in Sioux Falls, South Dakota because, back in the day, SD passed a law that eliminated caps on interest rates right after the Supreme Court ruled that banks could charge interest based on where their credit-card operations were headquartered, even if the bank's main operations were somewhere else.  So everyone moved to Sioux Falls, and you’ve – we’ve – all had high interest rates ever since.  

      Another booming business in SD is selling South Dakota residency.  Check out: http://mydakotaaddress.com/  This is only one example of multiple little store-front operations that allow a person, in exchange for a yearly fee, to establish South Dakota residency and thus avoid paying state taxes in the state in which they actually live.  They provide a SD mailing address, and help people obtain “your new SD drivers license, SD vehicle registration and voters card.”  They collect the mail and send it on, send on absentee ballots for voting, and basically allow a lot of people to “live” in South Dakota, thereby avoiding property taxes in their home state and perhaps avoiding other things as well.  Who’s to say that the name they give is their real name?  

      Now, this is all fraudulent:  It’s mail fraud, voter fraud, tax fraud…  But, when I investigated it and brought it to the attention of all my state officials, I was told there was nothing illegal about it, and to contact them “when a crime had been committed.”  Well, at least one crime is going to be committed, at least on paper, because I can think of all kinds of reasons for people to use these, and some of them are going to show up in my mysteries.  

    And the latest hot businesses are shelf corporations.  These are entities that are created by lawyers incorporating a bunch of corporations that exist in name only—no assets, no employees, and no board members except the agent filling out the paperwork. (It’s sort of like the residency corporations, who have an owner and a person doing the mailings, and that’s it.)  Anyway, if you want to start a business, you pay a fee to the incorporator, and you’ve got a corporation.  And you the purchaser get complete anonymity.  The following is a pitch from Corp95.com:  http://www.corp95.com/

     “South Dakota is one of the best kept secrets in the corporate formation world.  The state has NO corporate income or franchise taxes.  Their annual fees are minimal ($50 per year) and they allow for the most privacy of ownership than in any other state. South Dakota is a low key environment and does not require that its businesses maintain any physical presence in the State.  Formation is fast and requires a minimum of personal information.  You will pay no more and sometimes less than some of those states that claim to offer privacy but do not actually do so. Why form your company in a state that claims to have no taxes, but then charges high fees to compensate for this. South Dakota truly does offer the most privacy at a very reasonable ongoing fee.  Call us at 800-859-6696 and let us provide you with the details for formation of your business entity in this friendly state.”

     Forty-ninth in the nation:  Georgia, look out.  We’re going to catch up with you.