Positive Pay vs Check Fraud Insurance: Why You Need Both

Positive pay and check fraud insurance solve two different problems. Positive pay is a preventive control at your bank that tries to stop a bad check before it clears. Check fraud insurance, usually written as a commercial crime policy or, for banks, a financial institution bond, pays you back after a covered loss happens. They are not substitutes for each other. Used together, one reduces the number of losses and the other covers the ones that get through.

This page explains how the two controls differ, how insurers and deposit agreements treat your fraud prevention efforts, and why prevention plus coverage beats either approach alone. It is general information, not legal or insurance advice. Your actual policy terms and your bank agreement control in your situation, so read both and ask your broker and banker about specifics.

What each one actually does

Positive pay works by matching. You send the bank a check issue file listing each check you wrote, typically the check number, amount, account number, and often the payee name. When a check is presented for payment, the bank compares it against your list. Items that do not match become exceptions, and you decide whether to pay or return them. For more on the mechanics, see what is positive pay and how positive pay stops check fraud.

Insurance works by reimbursement. A commercial crime policy generally includes forgery or alteration coverage, which responds to loss from forged signatures or altered negotiable instruments such as business checks. Fidelity bonds focus on employee dishonesty, while broader crime policies also cover certain third-party acts. None of these policies stop a fraudulent check from clearing. They pay a claim, subject to the policy terms, after the loss is discovered.

Prevention has no deductible; insurance does

A returned exception costs you nothing beyond the time to review it. An insurance claim is different. Crime policies carry a deductible, commonly a few hundred to a few thousand dollars per occurrence, and the insurer pays only the amount above it. Coverage is capped by a limit, and forgery or alteration is often subject to a lower sublimit than the headline policy amount. Policies also contain exclusions, and recoveries the insurer makes through subrogation are applied net of costs, not simply handed back to you in full.

The practical effect is that insurance leaves you exposed at both ends. Small losses can fall entirely inside the deductible, and large losses can exceed the sublimit. Stopping the check in the first place avoids the deductible, the claim process, and any premium consequences. That is why prevention is the cheaper layer and coverage is the backstop.

Your agreements may already expect reasonable controls

This is the part many businesses miss. Deposit account agreements frequently state that if the bank offers a fraud prevention service such as positive pay and you decline it, you may bear greater responsibility for losses the service was designed to catch. The law behind this comes from the Uniform Commercial Code. Sections 3-406 and 4-406 allocate losses using a comparative negligence standard when a customer's own conduct substantially contributes to a forgery or alteration. Regulation CC was also amended, with changes taking effect in 2019, to add a presumption that a disputed check was altered, which generally shifts liability toward the bank that accepted the item.

There are limits on how far a bank can shift risk. A bank generally cannot disclaim liability for its own failure to exercise ordinary care, and it must act in good faith. But you should not count on those limits. If you turned down an available control, expect that decision to come up when liability is sorted out. The federal OCC guidance on check fraud liability points customers back to their own deposit agreement for the controlling terms, which is exactly where these expectations live.

Insurers think the same way during underwriting and at claim time. Carriers want to see that you use reasonable controls, and the absence of an available tool can affect how a claim is viewed. Running positive pay is evidence that you took ordinary care, which helps with both your bank and your insurer.

How the two layers fit together

Think of it as a sequence. Positive pay tries to stop the fraudulent or altered check. Good internal controls, such as dual approval and regular reconciliation, catch what positive pay does not. Insurance covers the loss that still gets through. A practical setup looks like this:

• Use positive pay, and add payee positive pay if your bank offers it, to catch altered payee names.
• Submit your issue file on time and reconcile accounts even when positive pay is active, so a missed item surfaces quickly. See positive pay cutoff times.
• Review every exception by the bank's deadline. An unreviewed exception can default to pay or return depending on your settings. See positive pay exceptions.
• Keep a crime policy or bond sized to your real exposure, and know its deductible, sublimit, and exclusions before you need them.

Neither layer is optional in practice. Insurance without prevention means more frequent claims, larger retained losses inside the deductible, and weaker footing if a bank argues you declined a control. Prevention without insurance means one large or unusual loss can land entirely on you. For help deciding whether you need the bank service, see do I need positive pay, and to format your issue file at no cost, use the free check issue file generator.

Related guides

• Positive Pay File Format: The Complete Guide
• What Is Positive Pay? How It Stops Check Fraud
• Positive Pay vs Reverse Positive Pay Explained
• Who Is Liable for a Forged Check? Positive Pay and the UCC
• Void Checks in Positive Pay: Codes & How to Mark Them
• What Is a Check Issue File?
• Positive pay basics

Create your positive pay file