The Base Level National Bank of Washington, D. C., uses the financial module in its ERP system to process cash deposits made by its customers. The bank’s ERP module for customer deposit accounting is a batch- processing system. Customers fill out a deposit slip when they deposit cash. The cashier validates the deposit slip, collects the cash, and then issues a dated receipt to the customer to evidence the deposit. The batches of deposit slips are processed overnight in a batch- processing run to update the customer account records.

Two different types of deposit slips might be used by a customer. One type is a blank- form deposit slip that the customer obtains at the bank. Typically, large quantities of blank- form deposit slips are left on counters in the bank’s lobby for the customers’ convenience. A blank-form deposit slip does not contain any pre- entered data. In particular, the customer or the cashier must manually enter the customer’s account number on this form. The other type of deposit slip is contained in a customer’s checkbook. In the case of a checkbook deposit slip, the customer’s account number has already been entered on the form in computer- readable form. Each checkbook deposit slip contains the customer’s account number in magnetic- ink character recognition (MICR) format to facilitate computer processing.

The two types of deposit slips look similar but are distinguishable. When batches of deposit slips are processed in the computer department, one of the first steps is to enter, using a special machine, both the customer’s account number and the amount of the deposit in MICR format at the bottom of each deposit slip. MICR input is used because of the large volume of transactions. Because each checkbook– type slip already has the customer’s account number in MICR, it is only necessary to MICR- encode the amount of the deposit. Both the customer’s account number and the amount of the deposit must be MICR- encoded on the blank- form deposit slips.

Several months ago, Base Level National Bank was the victim of a clever fraud. It seems that some person entered the busy bank and left a stack of fraudulent blank deposit slips on one of the bank’s counters. These deposit slips were exact duplicates of those normally placed on the counters, with one important difference. Each fraudulent blank deposit slip had been MICR- encoded with the account number of a checking account that apparently had been opened under a false name. Recall that the MICR- encoded account numbers are normally entered on the blank- form deposit slips after the deposit has been accepted by a cashier. During the day, the fraudulent deposit slips were used by many people making deposits at the bank. Most or all of these deposits were incorrectly credited to the fraudulent checking account in the overnight computer batch- processing run of the day’s deposit slips. Within a few minutes of opening the next morning, this person returned to the bank, inquired as to his checking account balance, and withdrew 90% of the balance in cash. To date the identity of the person is unknown, and the cash, more than $ 150,000, has not been recovered.

Required

a. What factors contributed to the success of this clever fraud? What role did Base Level’s computer system play in the perpetration of this fraud?

b. Suggest control procedures that could prevent the occurrence of this type of fraud.