11 Sep 19

NY Payroll Company Vanishes With $35 Million

MyPayrollHR, a now defunct cloud-based payroll processing firm based in upstate New York, abruptly ceased operations this past week after stiffing employees at thousands of companies. The ongoing debacle, which allegedly involves malfeasance on the part of the payroll company’s CEO, resulted in countless people having money drained from their bank accounts and has left nearly $35 million worth of payroll and tax payments in legal limbo.

Unlike many stories here about cloud service providers being extorted by hackers for ransomware payouts, this snafu appears to have been something of an inside job. Nevertheless, it is a story worth telling, in part because much of the media coverage of this incident so far has been somewhat disjointed, but also because it should serve as a warning to other payroll providers about how quickly and massively things can go wrong when a trusted partner unexpectedly turns rogue.

Clifton Park, NY-based MyPayrollHR — a subsidiary of ValueWise Corp. — disclosed last week in a rather unceremonious message to some 4,000 clients that it would be shutting its virtual doors and that companies which relied upon it to process payroll payments should kindly look elsewhere for such services going forward.

This communique came after employees at companies that depend on MyPayrollHR to receive direct deposits of their bi-weekly payroll payments discovered their bank accounts were instead debited for the amounts they would normally expect to accrue in a given pay period.

To make matters worse, many of those employees found their accounts had been dinged for two payroll periods — a month’s worth of wages — leaving their bank accounts dangerously in the red.

The remainder of this post is a deep-dive into what we know so far about what transpired, and how such an occurrence might be prevented in the future for other payroll processing firms.

A $26 MILLION TEXT FILE

To understand what’s at stake here requires a basic primer on how most of us get paid, which is a surprisingly convoluted process. In a typical scenario, our employer works with at least one third party company to make sure that on every other Friday what we’re owed gets deposited into our bank account.

The company that handled that process for MyPayrollHR is a California firm called Cachet Financial Services. Every other week for more than 12 years, MyPayrollHR has submitted a file to Cachet that told it which employee accounts at which banks should be credited and by how much.

According to interviews with Cachet, the way the process worked ran something like this: MyPayrollHR would send a digital file documenting deposits made by each of these client companies which laid out the amounts owed to each client’s employees. In turn, those funds from MyPayrollHR client firms then would be deposited into a settlement or holding account maintained by Cachet.

From there, Cachet would take those sums and disburse them into the bank accounts of people whose employers used MyPayrollHR to manage their bi-weekly payroll payments.

But according to Cachet, something odd happened with the instructions file MyPayrollHR submitted on the afternoon of Wednesday, Sept. 4 that had never before transpired: MyPayrollHR requested that all of its clients’ payroll dollars be sent not to Cachet’s holding account but instead to an account at Pioneer Savings Bank that was operated and controlled by MyPayrollHR.

The total amount of this mass payroll deposit was approximately $26 million. Wendy Slavkin, general counsel for Cachet, told KrebsOnSecurity that her client then inquired with Pioneer Savings about the wayward deposit and was told MyPayrollHR’s bank account had been frozen.

Nevertheless, the payroll file submitted by MyPayrollHR instructed financial institutions for its various clients to pull $26 million from Cachet’s holding account — even though the usual deposits from MyPayrollHR’s client banks had not been made.

REVERSING THE REVERSAL

In response, Cachet submitted a request to reverse that transaction. But according to Slavkin, that initial reversal request was improperly formatted, and so Cachet soon after submitted a correctly coded reversal request.

Financial institutions are supposed to ignore or reject payment instructions that don’t comport with precise formatting required by the National Automated Clearinghouse Association (NACHA), the not-for-profit organization that provides the backbone for the electronic movement of money in the United States. But Slavkin said a number of financial institutions ended up processing both reversal requests, meaning a fair number of employees at companies that use MyPayrollHR suddenly saw a month’s worth of payroll payments withdrawn from their bank accounts.

Dan L’Abbe, CEO of the San Francisco-based consultancy Granite Solutions Groupe, said the mix-up has been massively disruptive for his 250 employees.

“This caused a lot of chaos for employers, but employees were the ones really affected,” L’Abbe said. “This is all very unusual because we don’t even have the ability to take money out of our employee accounts.”

Slavkin said Cachet managed to reach the CEO of MyPayrollHR — Michael T. Mann — via phone on the evening of Sept. 4, and that Mann said he would call back in a few minutes. According to Slavkin, Mann never returned the call. Not long after that, MyPayrollHR told clients that it was going out of business and that they should find someone else to handle their payroll.

In short order, many people hit by one or both payroll reversals took to Twitter and Facebook to vent their anger and bewilderment at Cachet and at MyPayrollHR. But Slavkin said Cachet ultimately decided to cancel the previous payment reversals, leaving Cachet on the hook for $26 million.

“What we have since done is reached out to 100+ receiving banks to have them reject both reversals,” Slavkin said. “So most — if not all — employees affected by this will in the next day or two have all their money back.”

THE VANISHING MANN

Cachet has since been in touch with the FBI and with federal prosecutors in New York, and Slavkin said both are now investigating MyPayrollHR and its CEO. On Monday, New York Governor Andrew Cuomo called on the state’s Department of Financial Services to investigate the company’s “sudden and disturbing shutdown.”

A tweet sent Sept. 11 by the FBI’s Albany field office.

The $26 million hit against Cachet wasn’t the only fraud apparently perpetrated by MyPayrollHR and/or its parent firm: According to Slavkin, the now defunct New York company also stiffed National Payment Corporation (NatPay) — the Florida-based firm which handles tax withholdings for MyPayrollHR clients — to the tune of more than $9 million.

In a statement provided to KrebsOnSecurity, NatPay said it was alerted late last week that the bank accounts of MyPayrollHR and one of its affiliated companies were frozen, and that the notification came after payment files were processed.

“NatPay was provided information that MyPayrollHR and Cloud Payroll may have been the victims of fraud committed by their holding company ValueWise, whose CEO and owner is Michael Mann,” NatPay said. “NatPay immediately put in place steps to manage the orderly process of recovering funds [and] has more than sufficient insurance to cover actions of attempted or real fraud.”

Requests for comment from different executives at both MyPayrollHR and its parent firm ValueWise Corp. went unanswered, and the latter’s Web site is now offline. Several erstwhile MyPayrollHR employees reached via LinkedIn said none of them had seen or heard from Mr. Mann in days.

Meanwhile, Granite Solutions Groupe CEO L’Abbe said some of his employees have seen their bank accounts credited back the money that was taken, while others are still waiting for those reversals to come through.

“It varies widely,” L’Abbe said. “Every bank processes differently, and everyone’s relationship with the bank is different. Others have absolutely no money right now and are having a helluva time with their bank believing this is all the result of fraud. Things are starting to settle down now, but a lot of employees are still in limbo with their bank.”

For its part, Cachet Financial says it will be looking at solutions to better detect when and if instructions from clients for funding its settlement accounts suddenly change.

“Our system is excellent at protecting against outside hackers,” Slavkin said. “But when it comes to something like this it takes everyone by complete surprise.”
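The control Cachet describes, noticing when a client suddenly changes where its funding is directed, pairs naturally with a check that the money has actually arrived before any payout is released. The Python below is an added example, not Cachet's code or anything from the article; the `Batch` model, the account identifiers and the sample data are constructed for illustration, since the layout of Cachet's instruction files is not described here.

```python
from collections import Counter
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class Batch:
    """One payroll instruction file, reduced to the fields these checks need."""
    client_id: str
    batch_id: str
    funding_account: tuple   # (routing, account) where client funds are to be sent
    credits: tuple           # Decimal amounts to be paid out to employees


def funding_baseline(history):
    """Per client, count how often each funding account appeared in past batches."""
    seen = {}
    for b in history:
        seen.setdefault(b.client_id, Counter())[b.funding_account] += 1
    return seen


def review_batch(batch, baseline, settlement_account, funds_received):
    """Decide whether employee credits may be released.

    funds_received maps batch_id -> Decimal that has actually landed in the
    processor's settlement account for that batch. Returns (decision, reasons).
    """
    reasons = []
    total = sum(batch.credits, Decimal("0"))
    known = baseline.get(batch.client_id, Counter())

    # Check 1: funding must be directed to the processor's own settlement account.
    if batch.funding_account != settlement_account:
        reasons.append("funding directed away from the settlement account")

    # Check 2: a destination this client has never used before is a change
    # that needs out-of-band confirmation, however long the relationship.
    if known and batch.funding_account not in known:
        reasons.append(
            f"funding account unseen in {sum(known.values())} prior batches")

    # Check 3: never pay out money that has not arrived.
    received = funds_received.get(batch.batch_id, Decimal("0"))
    if received < total:
        reasons.append(f"received {received} of {total} required")

    return ("hold" if reasons else "release"), reasons


# Constructed sample data: placeholder account identifiers, not real ones.
SETTLEMENT = ("000000001", "SETTLEMENT-ACCT")
OTHER_BANK = ("000000002", "CLIENT-OWNED-ACCT")
PAY = (Decimal("1200.00"), Decimal("950.50"), Decimal("2100.25"))

HISTORY = [Batch("client-a", f"b{i}", SETTLEMENT, PAY) for i in range(1, 4)]
NORMAL = Batch("client-a", "b4", SETTLEMENT, PAY)
REDIRECTED = Batch("client-a", "b5", OTHER_BANK, PAY)
FUNDS = {"b4": Decimal("4250.75")}   # funding for b5 never reached settlement

if __name__ == "__main__":
    base = funding_baseline(HISTORY)
    for b in (NORMAL, REDIRECTED):
        print(b.batch_id, review_batch(b, base, SETTLEMENT, FUNDS))
```

A held batch would go to a human for confirmation with the client through a channel other than the one that delivered the file.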


141 comments

  1. Thank you very much for this piece, Mr. Krebs. It was presented to me through Google News today. Yours was the first mention of it I found after having read the Journal News e-newspaper and the New York Times briefing this morning. The story certainly bears more attention.

  2. Sad story and certainly hope that the financial insurance I think exists for people harmed this way is actually there to remedy their loss.

    Still, I find the comment:

    “Our system is excellent at protecting against outside hackers,” Slavkin said. “But when it comes to something like this it takes everyone by complete surprise.”

    a bit worrisome. I thought it was largely known to security type people that the biggest threats came from the inside, trusted network, not outside the firewalls. One would have thought various audits and checks would have been in place to ensure redirecting of funds was not just something that could be accomplished by changing the deposit account in the file.

    Well, nothing is 100% and it’s a hard lesson learned. Hopefully not too hard on the innocent bystanders that bear the brunt and hopefully well learned by the companies, security and application designers that build and provide these types of services.

    • This was not a security threat. This was fraud committed by a client.

      Your personal bank has the same problem. You are capable of writing checks for amounts greater than your available balance. Due to how checks are processed, someone depositing such a check will initially have their account credited then the transaction reversed in a few days. Depending on timing, that person could spend the money they don’t actually have.

      Normally, people will cover shortfalls and the reversal never happens. Or your bank will honor a shortfall up to some amount and just charge you an overdraft fee. However, if you are determined to commit fraud, then those fees won’t matter and at a certain point, things will be really bad for someone.

      There’s no way for the bank to tell the difference between someone who wrote a check anticipating they will make a deposit to cover it, someone who accidentally wrote a check early and will cover the shortfall and overdraft fees later, or someone about to commit massive fraud.

      If you can solve this problem, you’d become rich selling your solution to every bank out there and all companies who deal with similar issues like what happened here.

      • Solving that problem is easy, but it would require inconvenience of both banks and end users, and large cost outlay to upgrade systems and software, and need near universal acceptance.

        Banks aren’t interested in any of that.

        • Somguy, Correction, banks do want to solve that – it would kill the fake check industry (most popular type of fraud). There are projects in the works that would be using a form of blockchain tech that would allow transactions to be almost instantaneous. However it will require all banks that do exchanges with each other to participate. So once a “good” system is designed, it will still take about 5 years to implement. But it will save us (banks and customers) money on multiple fronts.

      • Fraud prevention measures are non-existent or weak at best. In an economy driven by transactions, financial institutions instead focus on fraud recovery. They can afford to take the long view because they have the holdings, leaving their customers and everyone else in the chain left hanging while things get sorted.

      • “This was fraud committed by a client.”

        You mean a vendor.

  3. Daily Mail has picked up on this. Good job Brian Krebs! You have so much detail in your article and it’s really important that everyone know what happened.

  4. So, what happened to the $26M+ in the now frozen account? Did the inquiry lead to the account being frozen before the money hopped again or what?

  5. I am guessing the CEO is now long gone out of the country and nowhere to be found…lol
    It is amazing someone can do such a thing to hard working individuals who have way less money than this guy and sometimes have to struggle to make ends meet

    This guy is a CEO – so what is he going to do with the other money he stole, I hope they catch him…

    There should have been more checks and balances to prevent this kind of thing, IMHO and I apologize if I am offending the other company but what kind of system uses a text file to determine how much to withdraw from a bank account, perhaps there are checks I don’t know and the geek in me is just overreacting too much…lol

    • Actually pretty normal. For many years, the standard was the BACS transaction – a text file (fixed length fields, designed for ease of use by COBOL systems, which shows its age a bit) with one line per outbound transaction (payroll payment in this case) followed by one “contra” record which instructed the funds to cover the payments to be taken from a specified account. A newer standard (CHAPS) which can clear the same day (but carries higher fees) is also a text file, but in a less bulk-friendly format.

    • Sounds like the file was a ‘seed’ file. Unless Cachet had a reason to run checks to verify the accts, highly doubt anyone would have known the file was corrupted. Cachet though, should have some type of mechanism to sound an alarm on the Holding Acct if there is no money. Hard to believe there was no failsafes built in for just this type of scenario. I see lawsuits coming against the banks that processed an improperly formatted reversal request. This process should never be automatic. A quick conference call with all interested parties should have been the order of the day, and a request to freeze the accounts instead of issuing a reversal.

      • That’s a fake answer!! Cache used the same program
        every day to run transactions, standard deposits, standard reversals!

        Cache should never have debited these employee accounts, multiple times, they had stopped the
        transfer to Mr Mann’s frozen account!!

        They should have done nothing!!!
        Just returned the salary payment to the employers
        and then have the employers write check!!

        Instead Cache went wild wrecking these accounts,
        if you notice, Cache never sent the money to Mr Mann’s
        account, since it was frozen!!

        Cache has the money and should return it to the
        employers or employers!!

    • Q: “what kind of system uses a text file to determine how much to withdraw from a bank account”

      A: Legacy systems.

      Standards evolved in this area approximately forty to fifty years ago, when a lot of the fancy features we take for granted today did not exist, and evolution since that time has always required backwards compatibility. You’d be amazed to know what code is running deep inside many of the most critical functions, because updating it would risk breaking it, and one thing about critical systems is that they should not be broken.

      • Most files passed from computer to computer, are just
        text files formatted in xml (English text), or JSON or html, formatted according to financial industry standards, or some other web based text format!!!

        long gone are the IBM standards of highly encrypted and strict formatting!!! (those IBM file formats are called DIF files today).

        It seems like cache financial discovered the fraud
        stopped the transfer to MR mans frozen account.

        Then proceeded to wreck these employees accounts!!

        The article sounds like Mr Mann was frozen out of his
        account and forced out of business!!

        Then Cache went wild debiting funds it had never
        deposited to these banks!

        It seems like this whole mess is the fault of Cache
        financial, they should have just deposited the employers funds back in the employers accounts,
        since they could not complete the transactions!

        In any case the banks have an absolute responsibility
        to return any funds to the account holders, immediately (within 3 days).

        If the bank does not return the funds to the account
        holders, then they should file claims with the
        federal reserve: consumer protection bureau,
        on the cpb web site. Banks must settle the claim in
        14 days.

  6. Thanks for this very lucid article. I live near MyPayroll’s headquarters, and have been trying to follow this story closely, but none of the local papers has a reporter capable of explaining it clearly. I’m surprised it hasn’t broken nationally yet, but I bet it does today. Pioneer Bank has been suspiciously silent despite inquiries, and I am guessing that the 26M has vanished along with Michael Mann, notwithstanding the supposedly frozen account.

    • Something tells me Mr. Mann boarded a plane headed to a country with no extradition treaty shortly after he told Cachet he would “call them back”.

      • Extradition treaty or no, I’m sure the private sector (banks and insurers), have investigators trying to track him down as we speak.
        And until he is caught, he will be looking over his shoulder all the time. Can’t imagine it’d be worth it — all that money and no way to conspicuously spend it.

        • You can get very very drunk for a couple of weeks if you’ve got $35 million in a suitcase.

          Wasn’t the Mexican border traditionally the place fugitives headed for? Not any more, I think. My entry for the “find-the-outlaw” competition has to be Canada.

          • Brazil for many years had no extradition treaty.

          • Excellent piece. I had first read of this somewhere else (I regularly read the Daily Mail) but with hysterical reporting intended to inflame people to vote Democrat but covering limited facts. I decided to do research and I found this piece in Krebs. Thanks for explaining how things work on payroll paid through third parties.
            Back in 2011 I had corporate bond interest paid to me then rescinded a week later. My brokerage house explained the bond trustee had paid the interest then the company (Trans Lux, the ticker people) didn’t reimburse the trustee so the trustee reversed the deal.
            The whole thing is akin to what happens when someone pays you with a bad check, which I’ve had happen several times. I work for a state government; I wonder what security procedures my state has in place that this doesn’t happen. Of course not too many years ago there was a serious proposal in Washington DC by reputable people to expropriate everyone’s retirement accounts and use that money to pay off the national debt.

    • This is why syndication is important. The local news just buys the article for a nominal fee from this site and presents the article with Krebs as the author, like AP and Reuters. Don’t expect local reports to know how to cover stories like this. Their role is to report on local interest stories, like a new school opening or a traffic accident.

  7. [“Our system is excellent at protecting against outside hackers,” Slavkin said. “But when it comes to something like this it takes everyone by complete surprise.”]

    Insider threats are REAL. The fact that this took Cachet “by surprise” tells me that they have a weak security posture.

  8. To protect against unexpected paycheck reversals for “corrections”, I have been using a practice that I would advise to anyone receiving direct deposits. Go to your bank and set up an account for the sole purpose of receiving these inbound transfers.

    Choose an account type that has the least fees, transaction limits, and minimum balance requirements, then provide that account to employers or other sources that will send you electronic funds. Reversals of wire payments (which these payroll deposits are) can only happen if the reversal is for the EXACT AMOUNT previously deposited from the EXACT ACCOUNT where the funds were deposited AND only if that account has funds available to cover the full amount of the reversal.

    As soon as you know the funds have been received, just transfer the money out of that account into the account(s) that you use for your primary banking transactions, and you will be protected from funds disappearing without prior knowledge. If there truly was a banking mistake, you will likely still owe the money back, but you will have control of how that happens.

    It is important too to not use this account for other purposes, because in the cases of people that resulted in negative balances, the reason is because there is a primacy order for banking transactions. Wire transactions precede checking transactions, and checks are subject to an end of day clearing process. Wire transactions do not “bounce” they either go through or they don’t, but checks can bounce when a wire is reserved causing the balance to be zero or near enough to zero that there is not enough money to cover the outstanding check.

    • Choose an account type that has the least fees, transaction limits, and minimum balance requirements, then provide that account to employers or other sources that will send you electronic funds.
      This comment is excellent. Why don’t companies, instead of sending to third parties for payment processing, send deposit instructions directly to the banks of the employees?
      Even 250 employees may not be using more than 100 banks. Most of the time weekly payment amounts may be constant and the company may issue recurrent deposit instructions only once.

      • Ken, Many employers use 3rd party companies because the technology and skilled staff needed to process direct deposits and taxes are cost prohibitive for many employers, especially small businesses.

    • There are several things wrong with this plan.

      1. Direct deposits are not wire transfers. They are ACH transfers.
      2. Perhaps because of your misunderstanding of #1, please note that banking institutions can and will put the account in the red with a negative balance, and all fees associated with such action.

      You will probably have a good cause to dispute the fees, and any bank worth their salt will accommodate, but this is *NOT* a way to prevent this from happening.

      • Yes, you beat me to it, well said.

      • Perhaps processing of reversals for ACH have policy differences by institution. My bank had the restrictions I referenced along with a five business day limit for corrections.

        Another advantage of having a second account for these transfers would be that if the payment was reversed, the negative balance (and any fees) would only apply to that account. I can’t imagine that the bank would automatically draw down cascading separate accounts (such as my checking) to pay back the resulting negative balance from the inbound savings account (unless the correction and cross account transfer happened on the same day). This could mean the difference between dealing with one account overdrawn versus having multiple outbound checks bounce.

  9. Matt was correct about Reg E protection for unauthorized debits to a consumer account. Further, that right of recredit is for a 60 day period, per the NACHA rules. So, consumers have ample protection. If formal ACH reversal transactions are sent by the Originating Bank, then it’s quite possible the consumers will receive the associated credits to their accounts and may simultaneously have returned the debits as unauthorized! Thus, they can possibly end up on the plus side!! It wouldn’t be the first time that’s happened. It’s a risk associated with sending reversal entries.

  10. [“But according to Cachet, something odd happened with the instructions file MyPayrollHR submitted on the afternoon of Wednesday, Sept. 4 that had never before transpired: MyPayrollHR requested that all of its clients’ payroll dollars be sent not to Cachet’s holding account but instead to an account at Pioneer Savings Bank that was operated and controlled by MyPayrollHR.”]

    I am confused by this. My company was affected for our 08/30/2019 payday. This statement seems to relate to a payday scheduled for 09/06/2019, or some other date after the 4th.

    What am I missing?

  11. As a geek and avid reader of mysteries, I wonder if Mr. Mann had sent a few small negative transactions over time, to verify the process worked, before the big day; if he decided to try it on a whim and it actually worked; or if it was an accident and he either acted quickly to take advantage, or perhaps took himself out in penance.

    If it were deliberate, a careful geek would have tried with a few small accounts first, and those crumbs should still be there.

  12. To me the most damning part of this is

    “But according to Cachet, something odd happened with the instructions file MyPayrollHR submitted on the afternoon of Wednesday, Sept. 4 that had never before transpired: MyPayrollHR requested that all of its clients’ payroll dollars be sent not to Cachet’s holding account but instead to an account at Pioneer Savings Bank that was operated and controlled by MyPayrollHR.”

    Considering the 12 year relationship they had, this should have sparked at least further review on Cachet side. If for 12 years one thing happens, then out of the blue without notification the opposite happens instead – it should immediately be reviewed. At best, it was a mistake. At worst, it’s a scam / theft like this.

    The failure for them to investigate the clearly strange request based on a very long history with a client is on them and they should share the brunt of the impact they assisted.

    I have a few friends that run small businesses that got caught in this. They are really hurting – some may fail as employees leave due to needing money (and some think my friends’ are the real culprits and are blaming them!)

  13. This is why more companies should handle things like this in house. If your company is big enough to require assistance with payroll like this, use 2/3 of the money you were going to spend paying for the service to just hire a decent accountant to do it for you. That way you get somebody who actually cares about doing a good job, because he is equally invested in the company. I have similar advice about IT work. You are always better off developing your own IT department than you are outsourcing it to just some random schmucks who are only looking to make a quick buck exploiting you.

    • US payroll taxes are a big enough hassle that even a company with fewer than five employees would save money outsourcing their payroll processing.

      Since it is an expense that is being outsourced cost minimization factors in here.

      • Nonsense.

        Writing paychecks is not rocket science. Sending tax statements is not rocket science. All it takes is a bookkeeper and regular visits by an accountant, both of which are standard in businesses of 10+ employees.

        What do you save with outsourced payroll? You still need a bookkeeper for the day to day bills and to keep track of employee hours (to feed to the payroll company). And you still need the accountant for end-of-year tax compliance.

        What you lose by not doing payroll in-house is a close relationship with an accountant, who has the analytical training and experience to spot trends and offer tax-saving and compliance advice. Weekly or monthly payroll visits also make the end-of-year bill lower, because the accountant’s been able to keep your records straight all year long.

        Payroll services are Penny wise, pound foolish.

        • Most payroll is done electronically via ACH so most businesses are transitioning in order to get the payroll to the employees faster.

    • Yeah, exactly!

    • It used to be that companies would have things in-house to process the payroll and employee information. However many firms have outsourced it to save money in processing the payroll at the same time fewer employees doing this.

  14. This is terrible news. The 4,000 virtual clients of MyPayrollHR please feel free to reach out to me directly to help you establish a new payroll provider. Our team is New York based and would love the opportunity to help you in this tough time!

    Cmanzello@newtekone.com

  15. Banks are supposed to credit you back immediately for
    any fraudulent electronic transaction, while the bank investigates the fraud claim.

    The bank has 2 weeks to dispute the claim and then take back the funds if the transaction is not fraudulent.

    This is written in the banks electronic funds disclosure
    policy document that they send out to customers or you can request a copy.

    if the bank is slow to give you back your money, then
    call the federal reserve’s consumer protection bureau
    and file a claim on their web site (they are the bank regulation agency in the usa).
    After receiving your complaint, the bank has 14 days
    to settle the complaint.

    • It depends on the transaction. Read the fine print.

      This isn’t some Credit or Debit card transaction that the bank authorized, and is at fault for not detecting. This is a pre-authorized draft that employees essentially gave permission to run as part of their “direct deposit” agreement.

      Yeah, it sucks because people think it is “deposit only” thing, and they never agreed to two way transactions… but they did.

      So the banks here aren’t liable for any of this.

  16. Well, kudos to all the posters here for not proposing blockchain as a replacement for the vulnerability of the simple text file method. Though I just mentioned it. Blockchain. There, I did it again. Blockchain. No one knows how it’d fix it but it probably would because, well, blockchain.

  17. IN MY OPINION:

    WHAT PROBABLY HAPPENED?

    MR MAN DEFAULTS ON A LOAN, THE BANK FREEZES THE COMPANY ACCOUNT.

    CACHE FINANCIAL CALLS THE BANK

    THE BANKS SAYS GIVE US THAT MONEY
    MR MAN HAS COMMITTED FRAUD ON A LOAN
    THAT MONEY IS OURS!!

    MANS BANK TELLS CACHE TO GIVE IT MANS
    MONEY
    (CACHE KNOWS ITS REALLY NOT MANS
    MONEY)

    BANKS LOVE TO KISS EACH OTHERS BUTTS.
    SO CACHE RUNS WILD DEBITING ACCOUNTS
    SO IT CAN HOLD ALL THE FUNDS FOR TRANSFER
    TO MANS BANK

    AFTER ALL THIS PUBLICITY, CACHE BLAMES
    COMPUTER ERROR, TO GET OFF THE HOOK!!

    WHAT CACHE NEEDS IS A GOOD CLASS ACTION
    LAWSUIT!!

  18. Anyone else disturbed that Cuomo called these “reckless actions”? No, this is not reckless at all, it is a deliberate crime.

  19. Why did Cachet pay the workers when money was sent to another bank and not to them? Why did they not have a system in place to ensure they had the money before attempting to pay funds out?

  20. Modern day bank robber. Mr. Mann probably laying at the beach slurping a drink.

  21. I’m wondering if they were trying to do what PayPal does (or used to, not sure if they still do): sit on the transaction for a few days to collect the interest and then release the funds?

  22. While from an outsider’s perspective it is difficult to say exactly what could have been done to prevent this situation entirely, Cachet should have never processed that first (or second) reversal file in the first place. NACHA rules clearly outline the situations in which you can reverse a batch or file of transactions and not receiving funding for those transactions is not one of them. Not only that, protecting against the failure of a company to fund an ACH file is one of the basic tenets of ACH risk mitigation. There were a lot of moments in this series of events that it could have been kept from spiraling out of control and unfortunately, the failure of those who should have known better ultimately affected all those employees most.

  23. I’m still trying to understand how the CEO benefited if the pioneer account was frozen and the funds didn’t get deposited.

  24. Frank Abagnale, in his book “The Art of the Steal”, suggests setting up your direct deposit in such a way that your employer can deposit funds, but not withdraw them. But good luck actually *doing* that. This is the type of thing that should be regulated; no employer – much less a vendor – should be allowed to withdraw funds from your bank account. If there is an error, they should have to go through you to get it resolved. Otherwise it’s not Direct Deposit – it’s Full Account Rights.

  25. Hey Brian – Michael Mann – is this domain name extortionist the same Michael Mann?

    https://www.cnet.com/news/meet-the-mann-who-registered-14962-domains-in-24-hours/
