RDC Risk
Mitigating Transaction Risks
Introduction
Due to the nature of RDC (Remote Deposit Capture), that allows to remotely deposit checks with minimal manual oversight, it is common for malicious individuals to try to defraud platforms via RDC. Consequently, RDC can present a high risk of returns and/or fraudulent activity. Below you can find a description of the most common ways this system is abused and how these risks can be mitigated. Any negative balance, resulting from RDC will be reconciled from the platform’s reserve account.
Duplicate Presentment
Duplicate presentment occurs when a malicious individual deposits a check via RDC to bank A, and then immediately takes the check in physical to bank B. If this occurs, the bank that accepted the check via RDC will be liable for the return in most cases.
Mitigating Duplicate Presentment Risk
This risk can be minimized by asking the user to properly endorse the check “For mobile deposit only”. Checks with this endorsement are less likely to be accepted in physical deposits by banks and thus, duplicate presentment is less likely to occur. Synapse will not accept RDC checks without the above described requirement. We will also require that platforms have a pop-up or similar banner message prior to accepting images of a check for RDC with language similar to: “Please endorse the check ‘For Mobile Deposit Only’ before submission”. See RDC Submission Suggestions for an example.
Other Financial Risk Sources
Besides duplicate presentment other financial risk sources on RDC are:
1. Third Party Access Fraud
Third party access fraud occurs when a user gives a third party access to their account to make deposits (and possibly other transactions) on their behalf. This is a common request in RDC related scams in where a fraudster may deposit fraudulent checks and have the user move a portion of the funds back to them before the deposited item returns. This will often result in a negative balance. We recommend platforms build logic to warn users about this practice.
2. Check Kiting
Malicious users may take advantage of the time between the check deposit and when the check actually clears the paying financial institutions (called the “float”) to make use of non-existing funds in an account. This is referred to as “check kiting”. It presents very similar risk as other types of RDC fraud, however, this can go on for extended periods of time as users will often continuously use the float period to cover negative balances with funds that do not exist. This can result in substantial financial losses.
3. Information Mismatches
All RDC systems are susceptible to information mismatches. For example a $500.00 check value being misinterpreted as $300.00. To help minimize this risk, we prefer all checks to be printed instead of handwritten.
4. General Return Risk
If a return occurs on a deposited check whose funds have already been withdrawn, the account will go negative in a similar fashion if the transaction was an ACH return. General return risk may be associated with both malicious and non-malicious users. For example, a check returned as “NSF” may not have been intentional and is generally low risk as long as the funds have not been overdrawn or the user covers any negative balance incurred. In contrast, a check returned as “altered fictitious” is typically indicative of a counterfeit check and intentional fraud.
Mitigating Other Financial Risks
All the above risks, and others, can be mitigated by requiring higher processing times of transactions (the time period before a transaction settles), and asking for greater KYC from users or users interested in moving larger amounts. Please refer to our general risk mitigation section for additional suggestions.
Updated about 5 years ago