Altering Cheques Prepared by Others: “Tacking On”

The other method that can be used by perpetrators to alter cheques prepared by others is “tacking on” additional letters or words to the end of the real payee designation. For instance, cheques payable to “ABC” company might be altered to read “A.B. Collins.” The employee then cashes the cheques in the name of A.B. Collins. In these cases, the simple inclusion of a filler line after the payee designation would prevent the loss.

In addition to altering the payee designation, the amount of the cheque can be altered by tacking on extra numbers if the person preparing the cheque is careless and leaves space for extra numbers in the “Amount” portion of the cheque.

Altering Cheques Prepared by the Fraudster: Erasable Ink

When the perpetrator prepares the cheque that is to be altered, the schemes tend to be a bit more sophisticated. The reason for this is obvious: If the perpetrator is able to prepare the cheque himself, he can prepare it with the thought of how the payee designation will be changed. One of the most common ways to prepare a cheque for alteration is to write or type the payee’s name (and possibly the amount) in erasable ink. After an authorised maker signs the cheque, the perpetrator retrieves the cheque, erases the payee’s name, and inserts his own.


A bookkeeper printed small cheques to a local supplier and had the company’s owner sign them. The bookkeeper then put the cheques back in the printer so she could alter the payee and cheque amount. For instance, the owner might sign a $10 cheque that later became a

$10,000 cheque. These cheques were entered in the disbursements journal as payments for aggregate inventory to the company’s largest supplier, who received several large cheques each month. The bookkeeper stole over $300,000 from her employer in this scheme.

Where a proper separation of duties is in place, a person who prepares a cheque should not be permitted to handle the cheque after it has been signed. Nevertheless, this is exactly what happens in most altered payee schemes. The person who prepares the cheque knows that the maker of the cheque will return it to him after it has been signed.

Altering Cheques Prepared by the Fraudster: Blank Cheques

The most egregious example of poor controls in the handling of signed cheques is one in which the perpetrator prepares a cheque, leaves the payee designation blank, and submits it to an authorised maker who signs the cheque and returns it to the employee. Obviously, this makes it quite easy for the perpetrator to designate himself or an accomplice as the payee. Common sense should prevent anyone from giving a signed, blank cheque to another

person. Nevertheless, this is a fairly common occurrence, especially when the perpetrator is a trusted long-time employee.

Converting Altered Cheques

As with all other types of fraudulent cheques, conversion is accomplished by endorsing the cheques in the payee’s name. Conversion of fraudulent cheques has already been discussed in previous sections and will not be re-examined here.

RELATED:  Cheque Tampering Frauds - Part 1

Authorised Maker Schemes

The final cheque tampering scheme, the authorised maker scheme, might be the most difficult to defend against. An authorised maker scheme occurs when an employee with signature authority on a company account writes fraudulent cheques for his own benefit and signs his own name as the maker. (See the “Authorised Maker Schemes” flowchart that follows.) The perpetrator in these schemes can write and sign fraudulent cheques himself.

He does not have to alter a pre-prepared instrument or forge the maker’s signature.

Overriding Controls Through Intimidation

When a person is authorised to sign company cheques, preparing the cheques is easy. The employee simply writes and signs the instruments the same way he would with any legitimate cheque. In most situations, cheque signers are owners, officers, or otherwise high-ranking employees and thus have or can obtain access to all the blank cheques they need. Even if company policy prohibits cheque signers from handling blank cheques, the perpetrator can normally use his influence to overcome this impediment. What employee is going to tell the CEO that he can’t have a blank cheque?

The most basic way an employee accomplishes an authorised maker scheme is to override controls designed to prevent fraud. Most authorised signatories have high levels of influence within their companies. The perpetrators use this influence to deflect questions about fraudulent transactions.

A common authorised maker scheme is one in which a majority owner or sole shareholder uses his company as a sort of alter ego, paying personal expenses directly out of company accounts. Instead of paying personal expenses, the perpetrator might cut cheques directly to himself, his friends, or his family. Using fear of job security as a weapon, the owner can maintain a work environment in which employees are afraid to question these transactions.

High-level managers or officers might also use their authority to override controls in those companies with absent or inattentive owners. Intimidation can play a large part in the commission and concealment of occupational fraud schemes involving powerful individuals.


The manager of a sales office stole approximately $150,000 from his employers over a two- year period. This manager had primary cheque-signing authority and abused this power by writing company cheques to pay his personal expenses. The manager’s fraudulent activities were well known by certain members of his staff, but these employees’ careers were controlled by the perpetrator. Fear of losing their jobs combined with lack of a proper whistleblowing structure prevented the manager’s employees from reporting his fraud.

Chart: Authorized Marker Schemes

cheque tampering

Poor Controls

Although overriding controls is the most blatant way to execute an authorised maker scheme, it is not the most common. Far more of these schemes occur because no one is paying attention to the accounts and few controls are present to prevent fraud. Some employees who write cheques to themselves or to purchase items for themselves simply code the cheques to expense accounts that they know are not likely to be reviewed.

RELATED:  Cheque Tampering Frauds – Part 4

The failure to closely monitor accounts is supplemented by lack of internal controls, specifically the absence of separation of duties in the cash disbursements process. Employees who commit authorised maker fraud are often in charge of reconciling the business’s bank accounts. This is especially common in small businesses. Employees with total control over the disbursements process are in a perfect position to write fraudulent cheques for their own benefit.

Concealing Cheque Tampering Schemes

Most cheque tampering schemes do not consist of a single occurrence but instead continue over a period of time. Therefore, concealing the fraud is arguably the most important aspect of the scheme. If an employee intended to steal a large sum of money and escape to another country, hiding the fraud might not be so important. But the vast majority of occupational fraudsters remain employees of their companies as they continue to steal from them, which makes concealment the key to the crime.

Concealment of the fraud means not only hiding the criminal’s identity, but also hiding the fact that a fraud has even occurred. The most successful frauds are those in which the victim organisation is unaware that it is being robbed. Obviously, once a business learns that it is being victimised it will take steps to find the source and put a stop to the scheme.

Cheque tampering schemes can present especially tricky concealment problems for dishonest employees. In other types of fraudulent disbursements such as invoice or payroll schemes, someone other than the perpetrator enters the fraudulent payment in the books as a legitimate transaction. The payments in those schemes are generated by the production of false documents that cause accounts payable personnel to think that money is owed to a particular person or vendor. When accounts payable issues a disbursement for a bogus

invoice, it does so because it believes the invoice to be genuine. The payment is then entered in the books as a legitimate payment. In other words, the perpetrator generally does not have to worry about concealing the payment in the books because someone else unwittingly does it for him. But in forgery and authorised maker schemes, the perpetrator is the one writing the cheque, and he is usually the one coding the cheque in the disbursements journal. He must “explain” the cheque on the books.

Forged endorsement schemes and altered payee schemes are different because they involve the alteration of cheques that were already prepared and coded by someone else. Nevertheless, they create a problem for the perpetrator because the intercepted cheque was intended for a legitimate recipient. Someone is out there waiting for the cheque that the perpetrator has taken. The culprit in these schemes must worry not only about hiding the fraud from his employer, but also about appeasing the intended payee.

The Fraudster Reconciling the Bank Statement

RELATED:  Cheque Tampering Frauds – Part 2

A large percentage of those who perpetrate cheque tampering frauds are involved in reconciling the company’s bank statement. The bank statement that a company receives normally includes the cancelled cheques that have been cashed in the preceding period. A person who reconciles the accounts is therefore in a position to hide the existence of any fraudulent cheques he has written to himself. He can remove the fraudulent cheques or doctor the bank statement or both.

In forged maker and authorised maker schemes, the perpetrator usually has to code the cheque in the disbursements journal. The most basic way to hide the cheque is to code it as “void” or to include no listing at all in the journal. Then, when the bank statement arrives, perpetrators remove the fraudulent cheque from the returned cheques and destroy it or alter the bank statement. Now there is no record of the payment in the journal and no physical evidence of the cheque on hand. Of course, the bank will have a copy of the cheque, but unless someone questions the missing cheque it is unlikely that the company will discover the problem. And since the perpetrator is the one who reconciles the account, it is unlikely that anyone will even notice that the cheque is missing.

The problem with simply omitting the fraudulent cheque from the disbursements journal is that the bank balance will not reconcile to the book balance. For instance, if the perpetrator wrote a $25,000 cheque to himself and did not record it, then the book balance will be

$25,000 higher than the bank balance ($25,000 was taken out of the bank account by the perpetrator, but was not credited out of the company’s cash account). Perpetrators usually omit their illicit cheques from the disbursements journal only in situations in which they personally reconcile the bank statement and no one reviews their work, thus allowing fraudsters to “force” the reconciliation. In other words, fraudsters report that the bank balance and book balance match when in fact they do not.

Some victim organisations simply do not regularly reconcile their accounts. This makes it easy for employees to write cheques without recording them. In a system in which controls are so lax, almost any concealment method will be effective to disguise fraud. In fact, it might not be necessary to make any effort at all to conceal the crime.

Some fraudsters physically alter the bank statement to cause it to match the company’s book balance. For instance, a person engaging in a forged maker scheme might decide to steal blank cheques from the bottom of the cheque stock. These cheques are out of sequence and therefore will be listed last on the bank statement. This employee can delete the clump of fraudulent cheques at the end of the statement and alter the balance to match the victim company’s books.

Cheque Tampering Frauds – Part 3

Leave a Reply

Your email address will not be published. Required fields are marked *