Remotely Created Checks
A closely related transaction to electronic check conversion, in that there is an authorization to debit an account, is the Remotely Created Checks (RCC). A remotely created check (sometimes called a “demand draft”) is a check, often created by a payee or its service provider, drawn on a customer’s bank account.
The check often is authorized by the customer remotely, by telephone or on-line and therefore does not bear the customer’s handwritten signature. An RCC does not bear the signature of a person on whose account the check is drawn. In place of the signature, the RCC bears the account holder’s printed or typed name or a statement that the account holder authorized the check. A demand draft created by the paying bank is not an RCC. See definition of RCC in Regulation CC. The account holder can authorize the creation of an RCC by telephone by providing the appropriate information, including the MICR data. Common examples of RCCs are those created by a credit card company, utility company, or telemarketer. RCCs may be processed through the check clearing networks or converted and processed as an ACH debit.
The risk of fraud associated with RCCs is similar to the risk associated with other kinds of debits that post to bank accounts. A fraudster might obtain an account holder’s account number by copying that information from one of the account holder’s authorized checks, or by tricking the account holder into providing the information over the telephone or the Internet. Once a fraudster obtains the account information, he or she has the data necessary to originate unauthorized RCC transactions through the check collection system or the ACH network. As with all payment systems and mechanisms, a financial institution must also assume responsibility for an effective system of internal controls and ongoing account monitoring related to RCCs.
For RCCs, the check and ACH rules differ as to how an accountholder receives a re‑credit for an unauthorized transaction and how the loss is allocated among the participating financial institutions. ACH debits to consumer accounts are governed by applicable ACH rules and by the Electronic Fund Transfer Act and Regulation E. Unauthorized checks posted to consumer accounts are governed by check law, which includes the Uniform Commercial Code (UCC), as enacted in the applicable state, as well as the Expedited Funds Availability Act, as implemented by the Federal Reserve Board’s Regulation CC. In instances when checks are converted to ACH entries, applicable ACH rules apply.
If an unauthorized ACH debit is posted to a consumer’s account, Regulation E gives the consumer 60 days after an institution transmits to the consumer a periodic account statement to report that the ACH debit was unauthorized. Regulation E imposes obligations on the consumer’s financial institution with respect to error resolution procedures and refunds of unauthorized payments. When a consumer receives a refund for an unauthorized ACH debit, ACH rules permit the consumer’s financial institution to recover the amount of the unauthorized payment by returning the debit item to the originating financial institution within the time permitted.
In the case of checks, a financial institution may not charge a customer’s account for a check that is not properly payable from that account. The customer has a right to a re-credit for an unauthorized check so long as the customer makes the claim within the time frame permitted by the UCC and the account agreement. Unlike Regulation E, the UCC does not contain specific re-credit procedures that a financial institution must follow. With respect to the allocation of losses for unauthorized checks between financial institutions, the risk of loss falls generally on the paying financial institution, which historically has been in the best position to determine the validity of the drawer’s signature. Under the UCC, a paying financial institution becomes accountable for a check unless it returns the check by its midnight deadline. The “midnight deadline” for the return of a check is midnight on the next banking day following the banking day on which the check is presented. With the exception of an RCC, if a paying financial institution re-credits a customer’s account for an unauthorized check, generally it cannot make a claim against a previous financial institution for an unauthorized drawer’s signature after the midnight deadline has passed.
In response to the perceived risk of fraud, legal initiatives have shifted the risk related to unauthorized RCCs from the paying financial institution to the bank of first deposit. This shift is based on the theory that, for unauthorized RCCs, the bank of first deposit is in the best position to know its customer (the creator of the RCC) and to determine the legitimacy of its customer’s deposits. A UCC revision that reallocates this risk for RCCs has not yet been widely adopted by the states. Among the states that have enacted amendments to the UCC, the definitions and warranties are not uniform in their scope or requirements. Under the pre-existing provisions of the UCC, the paying financial institution, not its customer, is responsible for unauthorized checks. Providing the paying financial institution with the ability to recover against the financial institution that presented the unauthorized RCC can make it easier for customers to obtain re-credits.
The Federal Reserve Board amended Regulation CC effective July 1, 2006, to reallocate the risk of loss resulting from unauthorized RCCs. Under the amendments, any financial institution that transfers or presents an RCC warrants that the person on whose account the check is drawn authorized the issuance of the check in the amount and to the payee stated on the RCC. The warranty applies only to financial institutions and does not directly create any new rights for checking account customers. Also, any financial institution that received an RCC from another financial institution has up to a year to make a claim against the transferring financial institution for an unauthorized RCC. Similarly, the Board amended Collection of Checks and Other Items by Federal Reserve Banks and Funds Transfers Through Fedwire (Regulation J) in 2006 to clarify that the new warranties apply to RCCs collected through the Reserve Banks. In conjunction with Regulation CC, Regulation J shifted the liability for losses attributable to unauthorized RCCs to the depository financial institution where the check is first cashed or deposited.
Because RCCs are cleared in the same manner as traditional checks, and because nothing unique identifies a check as an RCC unless the signature block on the check is examined, there is currently no efficient way of measuring the volume or use of RCCs.
Source: FFIEC IT Examination Handbox InfoBase