An examiner noted that we have an older account for a customer with a doing business as (DBA) name that is very similar to the name of a corporation where the customer is an employee or owner. The corporation does not have an account with our bank, and we do not have an assumed name certificate for the DBA account. What is our potential liability if our customer fraudulently deposits checks made out to their DBA name that are intended for the corporation? Would we be liable to the corporation if they claim the checks were stolen? If we are unable to obtain an assumed name certificate, could we have the corporation sign an indemnification agreement authorizing the customer to deposit checks made out to their DBA name?

At the outset, we believe it would be prudent to ask your customer to establish a new account in the name of the corporation, since it appears that your customer is depositing checks payable to the corporation’s name. We recommend following your account opening procedures for corporate accounts, which should include obtaining a corporate resolution or other documentation authorizing your customer to open the account and a signature card indicating who the corporation has designated as authorized signers for the account. Opening this account will allow your customer to deposit checks intended for the corporation into a properly designated account and potentially alleviate confusion and mitigate your bank’s potential liability.

In the meantime, we recommend determining whether your customer is a “fiduciary” of the corporation as defined in the Illinois Fiduciary Obligations Act (FOA) and is authorized to endorse checks on behalf of the corporation. If so, you may be shielded from liability if your customer endorses and deposits checks made payable to the corporation — or made payable to the DBA and intended for the corporation — into the customer’s personal DBA account.

Generally, under the FOA, a bank will not incur liability when a customer it knows to be a fiduciary of a business deposits a check made payable to the business into the fiduciary’s personal account, unless the bank exercised bad faith or had actual knowledge of the fiduciary’s wrongdoing. To be protected under the rule, the depository bank must know that: (1) the person is a fiduciary of the business, and (2) the person is authorized to endorse checks on behalf of the business.

To secure the protections of the FOA, your bank can obtain documentation from your customer establishing that they are a fiduciary of the corporation (such as by being an officer) and that they have the authority to endorse the corporation’s checks (which typically is established by a corporate resolution).

We note that the Uniform Commercial Code imposes a more stringent liability standard for banks when accepting deposits made by a person who has no authority to endorse the deposited checks. Consequently, if your customer is not a fiduciary of the corporation (or if you have no knowledge of whether your customer is a fiduciary), you could be liable to the paying bank for breach of one of the UCC presentment warranties (that a check had no missing or unauthorized endorsements) in the event your customer endorses and deposits a check intended for the corporation into their DBA account.

You also could request that the corporation sign an indemnification agreement holding your bank harmless if your customer deposits checks intended for the corporation in their DBA account, but if the corporation is willing, we believe a cleaner solution would be to establish a new account in the corporation’s name, as described above.

For resources related to our guidance, please see:

31 CFR 1020.220(a)(2) (“Customer Identification Program: minimum requirements . . . . (2)(i)(A) In general. . . . the bank must obtain, at a minimum, the following information from the customer prior to opening an account: (1) Name; . . . (3) Address, which shall be: . . . (iii) For a person other than an individual (such as a corporation, partnership, or trust), a principal place of business, local office, or other physical location; and (4) Identification number, which shall be: (i) For a U.S. person, a taxpayer identification number; . . .”)

31 CFR 1020.220(a)(2) (“Customer Identification Program: minimum requirements . . . . (2)(ii)(A) Verification through documents. For a bank relying on documents, the CIP must contain procedures that set forth the documents that the bank will use. These documents may include: . . . (2) For a person other than an individual (such as a corporation, partnership, or trust), documents showing the existence of the entity, such as certified articles of incorporation, a government-issued business license, a partnership agreement, or trust instrument.”)

BSA/AML Examination Manual — Business Entities (Domestic and Foreign) — Overview (“When opening an account for a customer that is not an individual, banks are permitted by 31 CFR 1020.100 to obtain information about the individuals who have authority and control over such accounts in order to verify the customer’s identity (the customer being the business entity). Required account opening information may include articles of incorporation, a corporate resolution by the directors authorizing the opening of the account, or the appointment of a person to act as a signatory for the entity on the account.”)

Fiduciary Obligations Act, 760 ILCS 65/9 (“Notwithstanding any other law, if a fiduciary makes a deposit in a bank to his personal credit . . . of checks payable to his principal and indorsed by him, if he is empowered to indorse such checks, or if he otherwise makes a deposit of funds held by him as fiduciary, the bank receiving such deposit is not bound to inquire whether the fiduciary is committing thereby a breach of his obligation as fiduciary; and the bank is authorized to pay the amount of the deposit or any part thereof upon the personal check of the fiduciary without being liable to the principal, unless the bank receives the deposit or pays the check with actual knowledge that the fiduciary is committing a breach of his obligation as fiduciary in making such deposit or in drawing such check, or with knowledge of such facts that its action in receiving the deposit or paying the check amounts to bad faith.”)

Fiduciary Obligations Act, 760 ILCS 65/1 (“‘Fiduciary’ includes a . . . partner, agent, officer of a corporation, public or private . . . or any other person acting in a fiduciary capacity for any person, trust or estate.”)

Illinois UCC, 810 ILCS 5/3-417(a) and 810 ILCS 5/4-208(a) (“Presentment warranties. (a) If an unaccepted draft is presented to the drawee for payment or acceptance and the drawee pays or accepts the draft, (i) the person obtaining payment or acceptance, at the time of presentment, and (ii) a previous transferor of the draft, at the time of transfer, warrant to the drawee making payment or accepting the draft in good faith that: (1) the warrantor is or was, at the time the warrantor transferred the draft, a person entitled to enforce the draft or authorized to obtain payment or acceptance of the draft on behalf of a person entitled to enforce the draft; (2) the draft has not been altered; and (3) the warrantor has no knowledge that the signature of the purported drawer of the draft is unauthorized.”)

Illinois UCC § 3-417 cmt. 2 (“Subsection (a)(1) in effect is a warranty that there are no unauthorized or missing indorsements.”)

Beedie v. Associated Bank Illinois, N.A., No. 10-cv-1351, 2011 U.S. Dist. LEXIS 65883, at *9 (C.D. Ill. June 21, 2011) (“Section 9 of the [Fiduciary Obligations Act] has been interpreted to have a preclusive effect thereby preempting other state law and establishing a total defense to banks for all claims arising from a bank's honest interactions with fiduciaries.”)

Mikrut v. First Bank, 832 N.E.2d 376, 385 (1st Dist. 2005) (“The [Fiduciary Obligations Act] relieves the depository bank of the duty of seeing that funds are properly applied. It becomes the principal’s burden to employ honest fiduciaries.”)