Try it now, capture a real invoice
Free plan · No credit card · Your data stays yours
Check fraud is the theft or alteration of a paper check to divert money to someone who is not the intended payee. It is the oldest payment fraud there is, and it is still the one that hits US businesses hardest, because the check remains the only common payment method that carries your bank account number and routing number printed in plain sight on a piece of paper you hand to a stranger and mail through the postal system.
The scale is not subtle. FinCEN reported roughly 680,000 suspicious activity reports related to check fraud in 2022, close to double the 350,000 filed in 2021. Year after year, treasury and AP surveys put checks at the top of the list of payment methods targeted by fraud, well ahead of ACH and cards. If your company still writes checks, and most US companies still do, this is the exposure to understand.
How does check fraud actually happen?
There are a handful of mechanics, and they mostly start with someone getting physical possession of a check.
| Method | How it works | What it costs you |
|---|---|---|
| Check washing | A stolen check is soaked in solvent to erase the payee and amount, then rewritten. The signature survives because it is usually in a different ink. | The full rewritten amount, often far above the original |
| Mail theft | Checks are stolen from outbound mailboxes, blue USPS collection boxes, or the recipient's mailbox, sometimes using stolen postal keys. | The check, plus your account and routing numbers |
| Counterfeit checks | Your account and routing numbers, harvested from one real check, are used to print new checks on blank stock. | Unlimited, until the account is closed |
| Altered payee | The payee name is changed to a similar-looking name or an added word, so the deposit clears at a bank that is not looking closely. | The full check amount |
| Forged endorsement | A legitimately issued check is deposited by someone other than the payee using a forged signature on the back. | The full check amount, and an angry unpaid vendor |
| Insider issuance | An employee with access to check stock and the signature plate issues checks to a shell vendor. | Usually large, because it repeats until someone reconciles |
Notice how many of these begin with a check leaving your building. Once a check is in the mail, you have handed a document containing your bank credentials to a delivery process you do not control.
Why are checks still the most defrauded payment method?
Because a check is a bearer-ish instrument printed with everything a criminal needs. It carries your routing number, your account number, an authorizing signature, and it travels through the physical mail. An ACH payment carries none of that in public, settles inside a controlled network, and can be blocked with a debit filter. A virtual card number is single-use and dies after one transaction.
The second reason is that check fraud is often discovered late. An ACH problem shows up in days. An altered check might not surface until the bank reconciliation, and by then the funds are gone and the reporting window that protects you may have closed.
What controls actually stop check fraud?
Ranked roughly by how much protection they buy per unit of effort.
- Positive pay. You send your bank a file of every check issued: number, date, payee, amount. The bank pays only checks that match. Anything else is flagged for your review before it clears. This is the single most effective check control that exists, and most banks offer it. See positive pay for how to set it up and what payee positive pay adds.
- Pay fewer checks. The control with no ongoing cost. Every supplier you move to ACH or virtual card is a check that cannot be washed. See ACH vendor payments.
- ACH debit blocks and filters. Once your account and routing numbers are out, the exposure is not only checks. Tell your bank which companies may debit the account and block the rest.
- A dedicated disbursement account. Keep a separate, low-balance account that funds only outgoing payments. Your operating balance is not exposed on the face of every check.
- Locked check stock and a controlled signature. Blank stock in a locked cabinet, a log of who took what, and no signature plate that anyone can borrow.
- Segregation of duties. The person who sets up a vendor, the person who approves an invoice, and the person who signs checks should not be the same person, and ideally not two people who sit next to each other.
- Daily reconciliation. Fraud found in three days is often recoverable. Fraud found in sixty days usually is not, because bank agreements typically require prompt notice.
- Mail from the post office counter, not a mailbox. If you must mail checks, do not leave them in an outbound tray or a blue collection box overnight.
How quickly must you report check fraud?
Fast, and faster than most people expect. Under the Uniform Commercial Code and the terms of most business bank agreements, a business customer has a duty to examine its statements promptly and report unauthorized items within a defined window, commonly 30 days from the statement date and sometimes shorter by contract. Miss that window and the loss can shift from the bank to you.
This is why daily or at least weekly reconciliation is a fraud control and not just a bookkeeping habit. A company that reconciles once a month, late, is systematically giving up its own protections. Teams that review cleared items frequently often pull the bank statement into a spreadsheet and diff it against the issued-check register, which surfaces a check that cleared for the wrong amount long before the statement gets formally closed.
Who is liable for a fraudulent check?
It depends on who was negligent, and the answer is less comforting for businesses than for consumers. Broadly, the bank that pays a check bearing a forged drawer signature bears the initial loss, and the depositary bank that accepted a forged endorsement can be liable to the true payee. But that shifts if the account holder's own negligence contributed, for example by failing to secure blank check stock, failing to review statements in the required window, or declining positive pay when the bank offered it.
That last point deserves emphasis. Some bank agreements explicitly shift liability to the customer for losses that positive pay would have prevented, if the customer was offered the service and did not take it. Read the agreement. The service costs a small monthly fee and it can be the difference between a recoverable loss and one you eat.
What does check fraud look like before you lose the money?
There are usually signals, and they show up in accounts payable before they show up on the bank statement.
- A vendor calls to say the check never arrived, and the check has already cleared.
- A check clears for an amount that does not match the issued register, even by a few dollars.
- Check numbers clear out of sequence, or a number clears that was never issued.
- A vendor's remit-to address changes by email, with a plausible-sounding reason and a request for urgency.
- The same invoice is submitted twice through two channels, one with different payment details.
That fourth one is the bridge between check fraud and business email compromise, and it is where the largest losses now come from. A convincing email changes where the money goes, and no amount of check-stock security helps, because you issued the payment yourself. The control is procedural: any change to a vendor's payment details gets verified by a phone call to a number already on file, never a number in the email requesting the change. That belongs in your vendor onboarding process, not in someone's judgment on a busy afternoon.
The uncomfortable conclusion
Every check-fraud control listed above is real and worth implementing, and all of them together are still weaker than simply not sending the check. Positive pay catches an altered check after someone already stole it. ACH means nobody could steal it, because nothing physical left the building carrying your account number.
Most AP teams know this and stay on checks anyway, because a handful of suppliers refuse to change and it feels easier to keep the check run than to have the conversation. The math does not favor that. Look at what a check run costs you in postage, stock, labor, and the fraud exposure, then compare it to what it costs to move those vendors onto a rail where the fraud simply is not available. For the full picture of how payments should leave the building, see B2B payments platform, and for how fraud gets caught upstream at the invoice, see invoice fraud detection software and accounts payable fraud prevention.