Positive Pay and Banking Fraud Prevention: The Bank Service That Stops Check and ACH Fraud Before Posting
Banking fraud against business accounts — forged checks, altered payees, altered amounts, unauthorized ACH debits — produces substantial losses. Traditional bank reconciliation catches fraud after the fact, when funds are gone. Positive Pay services flip this — banks compare presented items against issued check files, blocking unauthorized items before they post. ACH Positive Pay extends to electronic transactions. Combined with strong internal controls, Positive Pay substantially reduces fraud risk.
Construction companies, with high transaction volumes, multiple bank accounts, and large payments, face elevated fraud risk. Positive Pay is among most cost-effective fraud prevention measures available. This post covers Positive Pay and related fraud controls.
Check Positive Pay matches issued to presented:
Check Positive Pay
- Issued check file uploaded daily to bank
- Bank compares presented checks to file
- Match (number, payee, amount) auto-pays
- Mismatch holds for review
- Customer reviews exceptions
- Approval or rejection by deadline
- Bank pays approved, returns rejected
Standard Check Positive Pay matches check number, payee, and amount. Daily issued file uploaded to bank. Presented checks matched in real-time. Mismatches held for customer review. Customer pays or rejects. Bank executes per customer decision. Fraudulent checks rejected before posting.
Payee Positive Pay verifies name:
Payee Positive Pay
- Beyond standard PP — also matches payee name
- OCR reads payee on presented check
- Compares to issued payee
- Catches altered payee fraud
- More common with significant fraud history
- Slightly higher cost
- Higher protection level
Payee Positive Pay reads payee from presented check via OCR and compares to issued payee. Catches altered payee fraud where check stolen and payee changed. Higher level of protection than standard PP. Slightly higher cost but substantially better protection in fraud-active environments.
Reverse PP for some workflows:
Reverse Positive Pay
- All presented checks reviewed by customer
- Customer approves before bank pays
- No issued file required
- Suitable for low-volume
- More manual
- Older workflow
Reverse Positive Pay reviews all presented checks (not just exceptions). Customer approves each before bank pays. No issued check file uploaded. Manual approach suitable for low-volume situations. Standard PP generally preferred where check volume supports issued file maintenance.
ACH Positive Pay extends to electronic:
ACH Positive Pay
- ACH debits reviewed before posting
- Authorized list of originating companies
- Whitelist approach
- Unauthorized debits blocked
- Customer reviews exceptions
- Approval timeline
- Critical for ACH fraud prevention
ACH Positive Pay protects against unauthorized ACH debits. Whitelist of approved originators (vendors that may debit). Unauthorized debits blocked, requiring customer approval. Critical given ACH fraud growth. Standard banking service for business accounts. ACH debit blocks completely (alternative to PP) work for accounts where no ACH debits should occur.
Implementation steps:
Implementation
- Bank service activation
- Issued file format setup
- Daily file generation process
- Exception review workflow
- Approval authorities
- Backup procedures
- Testing before go-live
- Training for AP staff
Implementation requires bank service activation, integration of issued file generation with AP/payment systems, daily file uploads, exception review workflow, and clear approval authorities. Testing before go-live verifies process. Training ensures AP can handle exceptions properly. Setup investment substantial; ongoing operation routine.
Get AP insights in your inbox
A short monthly roundup of construction AP + accounting posts. No spam, ever.
No spam. Unsubscribe anytime.
ERP Integration
Integration with payment systems:
ERP integration
- Automated file generation from AP
- Cancellation file when checks voided
- Stop payment integration
- Reissue handling
- Multiple bank account support
- Consolidated or separate by account
Modern ERP systems generate Positive Pay files automatically. Cancellations sent when checks voided. Stop payment integration. Multiple bank accounts handled separately. Quality integration removes manual burden. Manual file generation possible for smaller operations but error-prone.
Positive Pay alone doesn't prevent all fraud — controls behind the issued check file matter. If fraudster gets into AP system and creates fraudulent checks plus updates issued file, both match. Strong access controls, segregation of duties, and approval workflows behind the issued file remain essential. PP catches checks fraudsters create outside the AP system; internal controls catch fraud within.
Exceptions need timely review:
Exception handling
- Daily exception review
- Review deadline (e.g., 11 AM) for same-day decision
- Designated reviewers
- Backup reviewers for vacation
- Investigation of exceptions
- Reject suspicious
- Pay legitimate variations
- Document decisions
Exception review is ongoing operational responsibility. Banks have specific deadlines for decisions. Designated reviewers with backups. Each exception investigated — most are legitimate variations (number reused, manual checks not in file). Suspicious items rejected, investigated. Decisions documented.
Cost-benefit favorable:
Cost-benefit
- Bank service fee modest ($25-100/month typical)
- Exception review labor
- Single fraud incident often exceeds annual cost
- Insurance discounts sometimes
- Audit committee requirement increasingly
- ROI obvious
Bank fee modest. Operational labor for exception review small. One avoided fraud incident covers years of cost. Insurance carriers offer discounts on cyber and crime coverage. Audit committees increasingly require for SOX compliance and best practice. ROI obvious for any meaningful payment volume.
Positive Pay and ACH Positive Pay services prevent payment fraud by comparing presented items to authorized files before posting. Check Positive Pay matches number, payee, and amount. Payee Positive Pay reads payee for additional verification. ACH Positive Pay reviews ACH debits against approved originators. Implementation integrates AP systems with bank services. Exception handling requires timely review per bank deadlines. Cost-benefit strongly favorable for any meaningful payment volume. Strong internal controls behind issued files complement PP. Construction companies face elevated fraud risk from high transaction volumes — PP is essential fraud prevention. For any construction company not using Positive Pay, implementation is among most cost-effective fraud prevention investments available. Bank fraud prevention is foundational AP and treasury hygiene.
Written by
Sarah Blake
Head of Product
Former AP Manager at a $200M construction firm, now leads product at Covinly. Writes about what AP teams actually need from automation — beyond the marketing promises.
View all posts