Trends in Credit Union Fraud Detection Prevention Improving


Trends in Credit Union Fraud – Detection, Prevention, & Improving Your Risk Management Prepared for the National CU Collector Association Conference March 16 2017, Las Vegas, NV

Agenda
• Fraud Categories & Schemes
• Emerging – Card Not Present (CNP) Fraud
• Red Flags of Fraud
• Conducting a Fraud Risk Assessment
• Anti-Fraud Control
• Booster Payment

Fraud Definitions
• Violation of trust
• The use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets.

Summary of Fraud Findings
• Typical organization loses 5% of annual revenue to fraud – applied to 2013 Gross World Product, this translates to a potential fraud loss of more than $3.7 trillion annually
• Median loss in the study was $145,000, with more than 22% of the cases involving losses over $1 million
• Fraud lasted a median of 18 months
From ACFE (Association of Certified Fraud Examiners)

Summary of Fraud Findings, cont.
• Asset misappropriation schemes (fraudulent disbursements, theft of cash receipts, other asset misappropriations) were the most common form of fraud, representing 85% of the cases, and the least costly at a median loss of $130,000.
• Financial statement fraud schemes were the least common form of fraud, representing 9% of the cases, and the most costly at a median loss of $1 million.

Summary of Fraud Findings, cont.
• Corruption schemes fell in the middle, comprising just over 37% of cases and causing a median loss of $200,000.
• Occupational frauds are most likely to be detected by tips (40%), followed by management review (15%) and Internal Audit (14%).
• Small organizations are disproportionately victimized by occupational fraud.

Summary of Fraud Findings, cont.
• Public Sector was one of the most commonly victimized industries.
• Anti-fraud controls appear to help reduce the cost and duration of occupational fraud schemes.
• High-level perpetrators cause the greatest damage to their organizations.

Summary of Fraud Findings, cont.
• 77% of frauds were committed by individuals in one of six departments:
  • Accounting/Finance
  • Operations
  • Sales
  • Executive/upper management
  • Customer service
  • Purchasing
• More than 85% of fraudsters had never been previously charged or convicted for a fraud-related offense

Summary of Fraud Findings, cont.
• Fraud perpetrators often display warning signs – the most common behavioral red flags reported in the survey were perpetrators living beyond their means (36%) and experiencing financial difficulty (27%).
• Nearly half of victim organizations do not recover any losses that they suffer due to fraud.

How Are Frauds Detected?


Card Not Present (CNP) Fraud Trends
• Starts with theft of Personally Identifiable Information (PII) or payment data
• Testing of stolen data (e.g. bots, scripted, high velocity brute force attacks, small value or zero dollar transactions, gas pumps, small charitable donations, vending machines)
• Email lists to detect existing accounts to target for takeover, using scripted attacks
• Stolen data is used for account takeover (ATO)
• High risk merchandise: delivered quickly (e.g. digital), easy to sell/monetize, and/or high resale value
• Triangulation: fraudster is set up as a merchant on Amazon/eBay/Craigslist etc., filling orders with goods fraudulently obtained from a merchant and then receiving funds from Amazon/eBay etc.

Fall 2016 Survey - Card Not Present (CNP) Fraud
CNP fraud threat/attack: percentage of FIs who have experienced it
• Stolen card: 92.86%
• Counterfeit card: 85.71%
• Lost card: 85.71%
• Mail intercept of card: 78.57%
• Phishing: 78.57%
• Skimming / shimming: 78.57%
• Attacks that fool the cardholder into using an insecure website: 71.43%
• Identity theft: 71.43%
• Creating a fake card: 57.14%
• False merchant site: 57.14%
• Impersonating the cardholder: 57.14%
• Counterfeit web sites: 50.00%
• Malware: 50.00%
• Social engineering: 50.00%
• Changing delivery address for goods after payment - at merchant: 35.71%
• Purchasing stolen credit card payment data on the black market/dark web: 35.71%
• Account take over (ATO): 28.57%
• Application/enrollment fraud: 28.57%
• Pharming: 28.57%
• Stealing customer's merchant account credentials to get access to card on file payment: 28.57%

Fraud Categories & Schemes

Fraud Tree

Asset Misappropriation
Employee steals or misuses an organization’s resources.
• Most common category of occupational fraud – over 85% of cases reported
• Least costly – median loss of $130,000
• Median duration – 12 to 26 months

Asset Misappropriation Schemes
• Check Tampering - Steal employer funds by intercepting, forging or altering a check drawn on employer bank account.
• Billing - Cause employer to issue payment for fictitious goods or services, inflated invoices or invoices for personal purchases.
• Non-Cash - Employee steals or misuses any non-cash assets of the organization.
• Payroll - Employee causes employer to issue a payment by making false claims for compensation.
• Skimming - Employee steals an incoming payment from an organization before it is recorded on the organization’s books and records.

Asset Misappropriation Schemes
• Expense Reimbursements - Employee makes a claim for reimbursement of fictitious or inflated business expenses.
• Cash Larceny - Employee steals cash receipts from an organization after they have been recorded on the organization’s books and records.
• Cash on Hand - Employee steals cash kept on hand at organization.

Corruption
Employee’s use of influence in business transactions in a way that violates duty to the employer for the purpose of obtaining benefit for self or someone else.
• 37% of cases reported
• Median loss of $200,000
• Median duration – 18 months
• Most common area – Purchasing
• Employees acting alone or in collusion with vendors/contractors

Corruption Schemes
• Kickbacks
  • Bribery - Improper, undisclosed payments made to obtain favorable treatment.
  • Diverting Business - Employee receives kickback for directing business to a vendor.
  • Overbilling - Vendor submits false invoices that either overstate the cost of goods/services or reflect fictitious sales. Employee approves and receives kickback.
  • Other - External party seeks fraudulent assistance from employees of victim organization.

Corruption Schemes
• Illegal Gratuities - Giving or receiving something of value to reward a business decision.
• Conflicts of Interest - Employee/agent has an undisclosed personal or economic interest in a matter that influences decisions and undermines their responsibility to their organization.

Red Flags of Fraud

Fraud Triangle

Red Flags

Pressure
• Living beyond their means
• High personal debt
• Excessive investment speculation
• Excessive gambling
• Substance abuse
• Extra-marital affairs
• Job frustration
• Resentment of superiors

Opportunity
• Inadequate controls
• Too “cozy” with suppliers
• Vacation not taken
• Weak management
• Ineffective or no internal audit
• No job rotation
• Always in crisis mode
• Large amounts of cash on hand or processed

Rationalization
• Not compensated fairly
• No recent raises
• Everyone else does it
• Intend to pay back
• Needed the money
• Felt cheated/wanted revenge
• Bribe/kickback too tempting

Conducting A Fraud Risk Assessment

Assess Fraud Risks
Conduct an annual fraud risk assessment
• Assists management in identifying where and how fraud may occur and who may be in a position to commit fraud.
• Focus on fraud schemes and scenarios to determine the presence of internal controls and whether or not the controls can be circumvented.

Assess Fraud Risks
• Mitigate Fraud Risks
  • Make changes to activities and/or processes to transfer or eliminate the risks.
  • Improve anti-fraud controls.
• Monitor Fraud Risks
  • Develop data analytics for management to use to monitor fraud risks.
  • Utilize Internal Audit to conduct audits of risk areas.

Example Summary
Potential Occupational Fraud Schemes
• Asset Misappropriation - Theft of Cash on Hand.
• Asset Misappropriation - Skimming (Receipts stolen before recording in books - sales, receivables, refunds/credits).
• Asset Misappropriation - Cash Larceny (Receipts stolen after recording in books).
• Asset Misappropriation - Check Tampering (Intercept, forge or alter a check drawn on the organization's bank account).
• Asset Misappropriation - Cash Register Disbursements (False entries on cash register to conceal the fraudulent removal of cash).
• Asset Misappropriation - Purchasing/Billing (Invoices for fictitious goods or services, inflated invoices or invoices for personal purchases).
• Asset Misappropriation - Payroll (False claims for compensation).
• Asset Misappropriation - Expense Reimbursements (Fictitious or inflated business expenses).
• Asset Misappropriation - Inventory (Theft or misuse of organization inventory)
• Asset Misappropriation - Fixed Assets/Supplies/etc. (Theft or misuse of organization assets)
• Corruption - Conflict of Interest
• Corruption - Bribery
• Financial Statement Fraud - Asset/Revenue Overstatement
• Financial Statement Fraud - Asset/Revenue Understatement.
[Table: Occupational Fraud Risk, rating each scheme High, Moderate or Low for columns DEPT A, DEPT B, DEPT C, DEPT E, DEPT F, DEPT G, DEPT H, DEPT I]

Anti-Fraud Controls

Check Tampering Controls
• Properly secure unused checks and equipment
• Utilize security features on checks
• Prohibit hand written checks
• Require two signatures on checks over a certain amount
• Segregate check preparation from signing
• Immediately mail checks after signing

Billing Controls
• Segregate purchasing from accounting and receiving departments
• Require management approval of purchase requisitions/orders
• Maintain a master vendor file
• Require competitive bids
• 3 way match by accounting of vendor invoice, receiving report and purchase order

Non-Cash Controls
• Asset policy and procedure manual
• Tag assets
• Maintain asset, supply and inventory records
• Conduct independent periodic inventories of assets, supplies and inventories
• Reconcile the physical inventory to asset, supply and inventory records

Payroll Controls
• Maintain personnel records independent of payroll and timekeeping
• Utilize electronic payroll deposit
• Periodically review employee payroll list
• Review paid time off for compliance with policy
• Periodically compare payroll with personnel records
• Issue pre-numbered payroll checks in sequential order

Skimming Controls
• Periodic review of accounts receivable for write-offs
• Periodic review of cash accounts for irregular entries
• Segregate receipt of cash and checks from deposit and recording functions
• Restrict tellers from accounts receivable and customer records
• Immediately restrictively endorse all checks when received

Expense Reimbursement Controls
• Expense reimbursement policy
• Require detailed expense reports
• Supervisory review and approval of expense reimbursement claims
• Place limits on expenses
• Require original and detailed receipts
• Detailed review of expense reimbursement claims

Cash Larceny Controls
• Independently reconcile teller drawer tape totals daily to the cash drawer
• Limit and monitor access to cash and safe
• Properly supervise tellers
• Utilize cameras in teller areas
• Segregate cash receipts, bank deposit, reconciliation, posting/accounting and cash disbursement duties

Cash On Hand Controls
• Limit and monitor access:
  • Safe
  • Cash handling areas
  • Cash drawer
  • Petty cash
• Properly supervise cashiers
• Utilize cameras in cash handling areas

Anti-Corruption Controls
• Conflict of interest policy
• Policy addressing employee receipt of gifts, discounts, and services offered by suppliers and customers
• Established procurement/bidding process
• Pre-bid solicitation documents reviewed for restrictions on competition
• Bid solicitation packages numbered and controlled
• All bids kept confidential

Anti-Corruption Controls
• Proper segregation of duties in purchasing & accounts payable
• Purchasing account assignments rotated
• Periodic comparison of vendor information with employee information
• Vendors who employ former employees under increased scrutiny
• Reporting procedure for personnel and other vendors to report concerns about vendors receiving favored treatment

Booster Payments
How?
• Most payments are being made via ACH. Can also be mailed overnight to the CU.
• Typically for an amount greater than the minimum payment required
• As soon as the line is available, the member immediately runs the line up to the max through purchases or cash advances

Booster Payments
Result
• Payments are being returned, creating a negative balance
• Member must submit a larger payment to cover the negative balance and increase the line
• This too is eventually returned
The member is essentially ‘kiting’ the card payments.

Booster Payments
Result
• Losses in excess of the originally approved line of credit have occurred (balance owed $80-$100K, member defaults)

Booster Payments
Mitigation
• Request and review an “excessive payments” report from your card vendor
• Review the ACH Daily Payments & Returns report
• Delay availability of credit
• Cap available balance to the approved credit limit
• Identify accounts where the payment activity has changed
  • Check to ACH
  • Minimum payment to balance owed
  • Single monthly payment to multiple payments
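One way to automate the "payment activity has changed" review and the credit cap from the mitigation list, as an added example that is not part of the original presentation. The record layout, function names and sample accounts are constructed assumptions, not a card vendor's report format.

```python
from collections import defaultdict
from datetime import date

# Constructed sample payment history (not real data):
# (account, posted, method, amount, minimum_due, balance_owed)
PAYMENTS = [
    ("A100", date(2017, 1, 5), "check", 50.0, 50.0, 2400.0),
    ("A100", date(2017, 2, 6), "check", 50.0, 50.0, 2380.0),
    ("A100", date(2017, 3, 2), "ach", 2400.0, 50.0, 2400.0),
    ("A100", date(2017, 3, 9), "ach", 4900.0, 50.0, 2500.0),
    ("B200", date(2017, 1, 10), "ach", 120.0, 40.0, 900.0),
    ("B200", date(2017, 2, 10), "ach", 120.0, 40.0, 820.0),
    ("B200", date(2017, 3, 10), "ach", 120.0, 40.0, 760.0),
]

def flag_payment_changes(payments, review_month):
    """Compare each account's review month against its earlier history."""
    by_acct = defaultdict(lambda: {"base": [], "now": []})
    for acct, posted, method, amount, min_due, owed in payments:
        key = "now" if (posted.year, posted.month) == review_month else "base"
        by_acct[acct][key].append((posted, method, amount, min_due, owed))
    flags = {}
    for acct, p in by_acct.items():
        base, now = p["base"], p["now"]
        if not base or not now:
            continue  # nothing to compare against
        reasons = []
        # Check to ACH: history is all checks, review month contains ACH
        if all(m == "check" for _, m, *_ in base) and any(m == "ach" for _, m, *_ in now):
            reasons.append("check_to_ach")
        # Minimum payment to balance owed: used to pay the minimum, now pays it all
        paid_minimum = all(a <= mn for _, _, a, mn, _ in base)
        if paid_minimum and any(a >= owed for _, _, a, _, owed in now):
            reasons.append("minimum_to_balance_owed")
        # Single monthly payment to multiple payments
        base_months = {(d.year, d.month) for d, *_ in base}
        if len(base) <= len(base_months) and len(now) > 1:
            reasons.append("single_to_multiple_payments")
        if reasons:
            flags[acct] = reasons
    return flags

def available_credit(approved_limit, balance, unsettled_payments=0.0):
    """Cap availability at the approved limit and hold back unsettled payments."""
    effective_balance = balance + unsettled_payments  # delay credit until settled
    return max(0.0, min(approved_limit, approved_limit - effective_balance))
```

Here `unsettled_payments` stands for payments still inside the return window, so an overpayment that has not yet cleared opens no new credit.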

Questions?

Thank you for your time and attention
Norm Cecil
Mainsail Trim, Inc.
Norm.Cecil@MainSailTrim.com
619-306-2087

Mainsail Trim Services for Credit Unions