With remote deposit capture solutions and image cash letter deposit services, checks are not delivered to the bank. Therefore, safekeeping and ultimate destruction of these electronically deposited items are important new operating procedures for businesses. These practices are designed to mitigate risk and prevent checks that have been electronically deposited from being negotiated a second time, either accidentally or maliciously.
To address risk to the bank and their customers, financial institutions generally stipulate several requirements in their electronic deposit services agreement. Businesses must maintain proper controls over use of the service, as well as the original paper items.
Secure Storage. Checks must be securely stored in a safe or a locked facility. Procedures must be in place to restrict access to authorized personnel only. Do not store check photocopies, customer account information, or private information in a filing system that is accessible to non-authorized personnel.
Check Retention. While Check 21 does not outline specific retention requirements, financial institutions normally stipulate a specific retention period. During this time frame, the bank may request that the depositor provide the original paper check in order to assist in collection of the item.
Check Destruction. At the end of the check retention period, checks must be properly destroyed. Businesses should use a secure method for check destruction, such as on-site paper-shredders or a third party service with employees that are bonded or insured against theft.
Scanner Control. Physical and logical security measures must be in place to protect and limit access to the check scanner(s).
Contingency Plan. In case of an emergency, there must be an alternate procedure established to deposit checks, either electronically or by paper.
Audits. Some financial institutions require periodic on site audits of deposit processes.