What is vendor management?
Vendor management is the act of ensuring that your third-party vendors meet regulatory requirements and contractual obligations. This safeguards your business from …
When someone artificially inflates the value of a financial account to get access to unauthorized funds, they are kiting. Check kiting, the most common form of this fraudulent act, is when an individual deposits a check from an account with insufficient funds to cover the written amount into another bank account. Then, they’ll withdraw the “funds” in account B before the bank realizes that the original check bounced.
Scammers have used this method to make millions of dollars before either bank realizes what happened.
Retail kiting is very similar to check kiting, but the recipient is different. If a shopper writes a fraudulent check at a grocery store or clothing store to make a purchase, they can then write a second check and ask for a cashback payment. The cash then is deposited into their account to cover the first check, starting the retail kiting cycle.
Kiting, which can be committed by individuals or businesses, takes advantage of the lag time between when a check is deposited and when the receiving institution clears the funds. Historically, this process took weeks – now, thanks to digital banking, it only takes a few days or less. Kiting’s popularity skyrocketed throughout the mid-1900s, with many famous fraudsters adopting this method to make money fast.
Kiting certainly isn’t new. Cases of kiting are recorded as far back as the 1920s. It started when people would issue “IOUs” and bonds with no actual pieces of collateral to give them value. The term “kiting” came from flying a kite. When you fly a kite, nothing supports the kite itself but wind, and with kiting, nothing supports the financial commitment but air.
When kiting is successful, there are a few techniques that can be at play. Fraudsters rely on a few key weaknesses to steal funds from one or more financial institutions:
As mentioned above, exploiting the float time – the time it takes financial institutions to verify the validity of newly deposited checks – is the main method of check kiting. As long as the scammer can stay a couple of steps ahead of the bank’s process, their actions can go undiscovered for a while. This technique is usually used in conjunction with the other methods we’ll explain below.
By opening multiple accounts at different banks, bad actors can make it that much harder for one of the banks to figure out what’s going on. Taking advantage of the float time across different institutions can increase the runtime of these schemes and inflate the amount of money that scammers get away with.
After writing one bad check, scammers can continue a never-ending cycle of using bad checks to cover the deposit of previous bad checks. It’s a foolproof scheme – until it’s not!
Thanks to digital banking and other tools, financial institutions have reduced float time and gotten better at preventing kiting before it gets out of hand. But, at the same time that victims of kiting are getting better at preventing it, perpetrators are evolving, too. Scammers can now move funds between bank accounts with a few clicks, vastly improving the speed at which they can commit financial fraud.
With new technologies such as artificial intelligence and machine learning embedded into their banking ecosystem, financial institutions can flag potential fraud automatically. By watching for suspicious behavior like regular overdrafts, a high volume of deposits and withdrawals, or regular use of multiple bank accounts, banks can prevent kiting better than ever.
For scammers, check kiting or retail kiting may feel like an easy way to make some money, but the reality is that kiting rarely goes unchecked for long today, and the consequences of kiting negatively impact everyone involved.
Once unravelled, kiting schemes have major financial implications for all parties involved. The scammer will likely be criminally charged and forced to repay the funds, as well as any other fines or fees as ordered by the courts.
In some cases, if the funds are unrecoverable, financial institutions may have to write off the theft as an expense, absorbing most of the financial impact.
In addition to repaying stolen funds, businesses or individuals that orchestrate kiting schemes could face jail time. There are plenty of instances of kiting resulting in 10 or more years behind bars.
On the institutional side, if a bank fails to detect kiting, other members of the bank could sue the institution for failure to properly care for the funds in their bank account.
Even if other members of the bank don’t go through legal channels to seek damages, they may decide to empty their bank accounts and do business with another institution. Falling victim to fraudulent schemes, whether kiting or cybersecurity attacks, almost always ends with a massive decline in brand reputation and a loss of business.
Often, kiting can be indicative of something bigger going on. It’s a popular way for money launderers or other criminals to move money around in an effort to keep their operations afloat. If unchecked, kiting can take down businesses or individuals who are unknowingly involved in the scheme. Finally, kiting erodes trust in the financial system as a whole. If some banks are struggling to prevent kiting, who’s to say other banks aren’t just as vulnerable?
Kiting may seem like a convenient way to access money, but in the end, everyone involved loses.
One of the most famous institutional downfalls in recent history is the Enron scandal. The energy-trading company overstated the company’s earnings to shareholders, essentially “kiting” the value of the organization and defrauding investors. Sometimes it just takes one bad actor to ruin the financial security of many, but in Enron’s case, thousands of lives were ruined, and its leadership team was complicit at best.
In the end, Enron filed for bankruptcy, many of its executives were indicted and sentenced to prison, the firm’s employees lost their jobs and financial security, and anyone who had invested in Enron lost everything they had tied up in the organization. The scandal brought about a new wave of accounting laws, most notably the Sarbanes-Oxley Act, to prevent the same behavior in the future.
As much as it has changed in the last decade, kiting isn’t going away anytime soon. To protect yourself or your business from kiting, getting well-versed on the following items is key.
One of the biggest tools for preventing kiting is technology. Is someone making odd transactions? Do they seem to have a lot of strange account behavior? Do they have multiple accounts? If your system can flag these behaviors, you’ll be further ahead than most. Additionally, using secure systems for making business payments – like Eftsure – can insulate your organization from the risks of kiting.
Audits aren’t just to check your own organization’s accounting practices, they’re to make sure that detailed transactions check out at the end of the day. It’s also important that lawmakers directly attack kiting with new regulations nationwide. One such piece of legislation – Check 21 – was written to prevent kiting, but with new weaknesses to exploit, more legislation is needed.
Usually, customers involved in check-kiting are good customers. They may be agreeable and friendly when your team talks to them, but behind the scenes, you should be monitoring account holder behaviors such as overdrafts covered with checks and not cash, frequent deposits and withdrawals, multiple bank accounts, and more.
Vendor management is the act of ensuring that your third-party vendors meet regulatory requirements and contractual obligations. This safeguards your business from …
Multi-factor authentication (MFA) is a security method that requires users to prove their identity using two or more distinct factors before accessing …
Imposter scams are a type of fraud where scammers pretend to be trusted individuals, companies, or government agencies to deceive victims into …
End-to-end B2B payment protection software to mitigate the risk of payment error, fraud and cyber-crime.