Have you just realized that your institution may have deposited a fraudster’s check? This scenario is far more common than many expect, with industry data showing that over 60% of US organizations have experienced attempted or actual check fraud.
When this happens, banks and financial institutions must act quickly by following specific response steps and adopting best practices to limit exposure and future risk.
In this article, we explain what happens if you deposit a fraudulent check and how to stop the fraud before losses occur.
Forged or altered checks are not the customer’s responsibility. Losses are allocated between banks based on who was best positioned to prevent the fraud, which is why timely detection and documentation matter.
Regulation CC often requires banks to release funds before a check fully clears. If the item is later returned, the bank must notify the customer quickly and reverse the credit, which can lead to overdrafts, disputes, and operational cleanup.
Suspected check fraud can trigger a formal report under applicable rules, with possible involvement from regulatory or enforcement authorities. Missing red flags or delaying action increases both financial and compliance risk.
Mobile, ATM, and new-account deposits are prime targets for fraud. Exception holds, deposit limits, dual control, and behavioral monitoring are far more effective when applied before funds are released, not after a return occurs.
Instead of waiting for returns, VALID Systems evaluates check risk at the moment of deposit using machine learning, behavioral analytics, and shared intelligence. This allows banks to stop fraud before losses occur, reduce manual review, and deliver faster, safer funds availability across every deposit channel.
When handling a deposited check, whether legitimate or fraudulent, banks must follow several layers of rules. The most important are:
Under the Uniform Commercial Code (UCC) Articles 3 and 4, a bank may charge a customer’s account only for checks that are properly payable, meaning they are authentic and authorized. Altered or forged checks are not properly payable, so the customer is not responsible for the loss.
For altered checks, liability usually falls on the first depositary bank through warranty claims. At the same time, forged signatures are typically the responsibility of the paying bank because it can best verify the drawer’s signature.
Regulation CC (12 CFR Part 229) governs funds availability and check collection, setting rules for hold periods and requiring banks to return unpaid checks promptly. If a check is returned unpaid, the depositary bank must notify its customer by midnight of the next banking day.
Regulation CC also allows longer holds when there is reasonable cause to doubt collectibility, as long as the bank documents the reason and provides the required notice to the depositor.
Under the Bank Secrecy Act and AML regulations, suspected check fraud may require filing a Suspicious Activity Report (SAR). A SAR is required for criminal activity involving $5,000 or more when a suspect is identified, or $25,000 or more, regardless of whether the suspect is known or not.
Banks should flag and promptly report large, unusual, or patterned check fraud in accordance with BSA requirements.
Depending on the type of fraud and the accounts involved, banks may need to comply with several additional laws, regulations, and supervisory guidelines:
|
Law / Guideline |
Scope of application |
|
Elder abuse and exploitation laws |
Elderly or vulnerable customers who may require additional reporting |
|
Government benefits regulations |
Social Security or other government benefit checks |
|
FDIC examination guidance |
Fraud-related expectations in FDIC examiner manuals |
|
NCUA examination guidance |
Fraud-related expectations for credit unions |
|
FFIEC IT & BSA manuals |
Supervisory guidance on fraud, IT security, and BSA/AML compliance |
|
Regulation E (EFTA) |
Consumer electronic fund transfers and related consumer protections |
|
Regulation CC |
Check funds availability, returns, and disclosure requirements |
|
Internal bank policies |
Prudent risk management procedures, especially for corporate accounts |
So what happens if you deposit a fraudulent check? Here’s how the process typically works and what you can expect along the way:
A customer, or sometimes an unknown person, deposits a check using a branch teller, an ATM, or mobile deposit. The bank processes the check, usually through a check-scanning system, and credits the customer’s account, often on a provisional basis.
Because federal regulations (such as Reg CC) require funds to be made available within certain timeframes, the customer may see the deposit reflected in their account within one to two days, even though the check has not yet fully cleared.
Check images are sent through the clearing system, either via the Federal Reserve or a private clearinghouse. If a check is fraudulent, such as being altered or forged, the paying bank will identify it as invalid, usually within a few days.
When this happens, the paying bank returns the check (or an image of it) to your bank along with a notice of nonpayment.
After your bank receives a returned check or notice that a check was not paid, Regulation CC requires that the customer who deposited the check be notified by midnight of the next banking day.
Usually, this is done by sending a written notice or an email (if allowed) explaining that the check was returned unpaid.
When a check is returned unpaid, the bank debits the funds originally credited to the customer’s account. This is called a chargeback and is allowed because the check was not valid.
If the customer has already used the funds, the account may become overdrawn, or the bank will request repayment. Any money from a fraudulent check must be returned to the bank.
Returned checks are usually processed through normal return channels, which automatically reverse the credit. Even if the bank credited the funds in error, it may still charge back the account as long as it acts within a reasonable time.
Some banks charge a returned check fee or fraud item handling fee when a deposited check is returned unpaid.
If your policies permit, you may pass these fees on to the customer and reverse the provisional credit to help offset administrative costs. Just ensure that any such fees were clearly disclosed in advance, as required under Reg CC.
While the return process is underway, the bank’s fraud or operations team should investigate the check internally. This review typically includes:
If the check fraud meets SAR filing criteria, submit a SAR to the Financial Crimes Enforcement Network (FinCEN) within 30 days of initial detection.
FinCEN encourages reporting significant or suspicious fraud activity regardless of dollar amount.
Check fraud is a criminal offense. When the identity of the fraudster is known, or the financial loss is significant, banks often file a police report or coordinate with the US Postal Inspection Service (USPIS) in cases involving mail-related fraud. Both the FinCEN and the USPIS encourage banks to refer affected customers to USPIS, which operates a national reporting hotline.
Depending on the circumstances, the bank may also contact local law enforcement or a nearby FBI field office, particularly when mail theft, identity theft, or organized fraud is suspected.
To reduce the likelihood of fraudulent checks entering your bank, it’s important to combine regulatory compliance with proactive risk controls.
The following practices can help you prevent and mitigate check fraud:
Use transaction monitoring tools to detect unusual or potentially suspicious activity. Effective monitoring should flag patterns such as:
Anti–money laundering (AML) systems can be configured with rules to identify these check-deposit anomalies.
Pro tip
Many banks manage check fraud reactively, identifying issues only after fraudulent checks have already cleared. VALID integrates real-time, validated fraud decisioning directly into check and payment workflows, reducing human error, system gaps, and residual fraud exposure.
VALID’s platform combines machine learning, behavioral analytics, and cross-institution intelligence to detect and stop fraud at the point of deposit.
Contact us today and stop check fraud before losses occur.
Train tellers and operations staff to identify and flag unusual or high-risk check deposits early. Extra caution should be taken with cashier’s checks and money orders, particularly when the customer did not purchase the instrument themselves, which is a common red flag in scam-related activity.
When there is uncertainty about whether a check will be collectible, staff should use the Reg CC “reasonable cause” exception to hold funds for an extended period. This additional time allows for proper verification and helps reduce potential losses.
Use layered controls to identify altered or counterfeit checks before funds are credited. Combining automated detection with targeted manual review helps reduce fraud risk while minimizing unnecessary delays.
Here are the key controls to apply:
Pro tip
Many fraud detection tools focus almost exclusively on check image analysis, which can limit their ability to identify sophisticated or repeated fraud.
VALID Systems goes beyond images by using machine learning to analyze behavioral patterns, transaction history, and contextual payment signals during the clearing process.
This allows you to detect fraud earlier, reduce false positives, and improve operational efficiency over traditional image-based approaches.
Mobile and ATM deposit fraud thrives in low-touch environments where human interaction is limited. To reduce fraud, especially from fake checks deposited remotely, banks should apply conservative controls to mobile and ATM deposits, particularly for new account holders.
Here is what you can do:
For high-risk transactions, such as large checks, deposits from new customers, or out-of-state checks, require a second employee or a manager to review and approve the transaction.
For instance, when a deposit exceeds a set dollar threshold, the employee who posts the deposit should be different from the one who approves it. Separating responsibilities in the check-clearing process helps catch errors and reduce risk.
To stay ahead of emerging fraud tactics, regularly review industry bulletins, including alerts from FinCEN on mail-theft check fraud. Also, participate in industry fraud networks or hotlines, such as Bankers’ Banks fraud teams, the Check 21 Alliance, or regional consortia, to share insights and stay connected.
You can also strengthen defenses by using shared-intelligence platforms such as VALID Systems’ Edge Data Consortium. Edge connects banks and credit unions to a secure, AI-powered network that pools data to detect threats such as counterfeit checks, account-opening fraud, and loan application scams before they escalate.
Traditional check fraud controls often kick in after funds are made available, leaving banks exposed to returns, losses, and operational cleanup. VALID flips that model.
Using real-time machine learning, behavioral analytics, and consortium-driven intelligence, VALID evaluates check risk at the moment of deposit across mobile, ATM, and branch channels, enabling institutions to make confident decisions before losses occur.
VALID partners with major US banks, including PNC, TD Bank, and Truist, and processes over $4 trillion in annual check volume, giving the platform real-world exposure to emerging fraud patterns long before they become widespread losses.
That scale isn’t theoretical. VALID’s real-time decisioning operates in live production environments, delivering measurable improvements in fraud loss reduction and operational efficiency across diverse institutions. Here are some of the results:
Contact us today and stop check fraud in real time, across every deposit channel.