The headline on the story at an Oklahoma television station’s website said it plainly: “Mobile Banking Used To Steal Thousands From OKC Business.”
The story elaborated that Paris Limo in Oklahoma City had been looted of some $15,000 by an employee who apparently made it a habit to deposit the same paycheck in multiple checking accounts, effectively doubling or tripling his income.
Jimmy Paris, the company owner, acknowledged that nobody reconciled the payroll account on a monthly basis.
All of which raises the question: how widespread is double dipping with mobile remote deposit capture? Alan Bernstein, president of Vertifi Software, a CUSO that offers MRDC to hundreds of credit unions, said, “This is totally contrary to what we have experienced in the three years we have provided MRDC.”
He acknowledged that there have been instances of fraud, “but we could count them on the fingers of two hands.”
Accidental double deposits – where one spouse uses MRDC to deposit a check and, later, the other spouse deposits the paper check – may be more common, said Bernstein. But he stressed that numbers for accidents are also minuscule.
Bernstein also stressed that each financial institution sets its own MRDC limits – establishing ceilings of deposit amounts, for instance, and some financial institutions extend it only to members with a track record.
He added that many companies, Vertifi included, provide duplicate detection tools. This technology captures duplicates within the same institution, such as when two spouses deposit the same item.
Bernstein acknowledged that, right now, there is no foolproof way to eliminate double dipping that involves two institutions. There are time lags in Check 21 processing and, right there, is a window that a fraudster could exploit.
At MRDC leader Mitek, chief marketing officer Scott Carter added, “the level of losses in the mobile channel remains extremely low.”
John Walsh, CEO of North Carolina-based SightSpan Inc. and a fraud expert, noted that financial institutions “are obligated to do transaction monitoring but there is a lot of weakness in the system,” weakness that this particular Oklahoma scamster exploited.
But Walsh added: “The individual business owner needs to be looking at their own business account, let’s not forget that apparently wasn’t happening regularly in this case.”