Credit union fraud perpetrated by the cooperatives' ownemployees has turned into a significant risk, according to industryexperts.

|

CUNA Mutual Group, the insurer for the majority of U.S. creditunions, reported in 2014 that internal fraud accounted for 46% of the money it paid in claimsbetween 2009 and 2013, even though instances of employee dishonestyonly accounted for 14% of total claims during that time.

|

In addition, while the numbers are difficult to pin down, theNCUA's data for the same time period showed credit unionfailures due to internal fraud were beginning to dominate shareinsurance fund losses as well.

Which of these measures has your creditunion taken to reduce internal fraud risk: (Check all thatapply)

Employees that handle money or approve loans must take atleast one uninterrupted week-long vacation every year.Rotate employeesbetween branches. Rotate theemployees involved in hiring and setting up new vendors.Periodicallyupdate background checks and/or credit reports on key executivesand board members. Publicizeanti-fraud policies to employees. None of theabove OtherPlease Specify:

PollMaker

However, while experts familiar with preventing internal fraudsaid it may be impossible to thwart when instigated by adetermined, dishonest employee, they said the likelihood can atleast be reduced by understanding the problem and implementing afew relatively simple policies.

|

To explain the problem, the experts used a triangle model todepict the three different elements that are usually present whenfraud takes place.

|

“Internal fraud often reflects what we have come to call a fraudtriangle,” ACL Services Ltd Vice President of Product Dan Zittingexplained.

|

Based in Vancouver, Canada, ACL Services has written softwarethat monitors financial institutions and other corporate computerand financial systems for signs of fraud.

|

Pressure comprises the base of the triangle that Zittingdescribed. This might refer to some sort of financial trouble or anaddiction issue that would cause an otherwise trusted employee toneed money, he explained.

|

The triangle's left side represents the opportunity to commitfraud, he said. Fraud opportunities might arise from a set oftoo-lax internal controls or a failure to implement procedures thatexist on paper but not in day-to-day practice.

|

The triangle's right side, Zitting described, stands forrationalization or motivation. The rationalization part of fraud iswhere the employee – who might be a long-term, highly trusted staffmember – explains his actions to himself.

|

“Rationalization could be anything from, 'I am not stealing themoney because I am going to put it back when I can,' to, 'Theyshouldn't have passed over me for that promotion or treated me sounfairly,'” Zitting said.

|

Countering internal fraud often comes down to the measures acredit union has in place to break up that triangle, if it alreadyexists, or keep it from forming in the first place, he said, addingthat opportunity is usually the easiest side of the triangle toattack first.

|

|

1. Change thevacation rules for key employees.

|

One of the easiest things credit unions can do to limit theopportunity for fraud is to make sure employees who regularlyhandle money or approve loans take at least two weeks of vacationoutside the credit union each year, Zitting said.

|

“This is one of the single, best and simplest things creditunions can do to counter some types of internal fraud,” Zittingsaid, explaining that taking the person away from their stationmeans they will not be able to hide ongoing fraud.

|

|

2. Rotateemployees.

|

Opportunities for fraud often appear when employees are veryfamiliar with the procedures, layout and personnel in a givenbranch or work location. Zitting suggested credit unions adopt apolicy of rotating employees between different branches or worklocations to keep too much familiarity from developing.

|

Knowing another employee always runs late on Thursdays or thatsecurity cameras have a given blind spot is the kind of thing thatcan give an employee an opportunity to steal or falsify documentsin order to hide theft, Zitting explained. Moving an employeewho is committing fraud or thinking about doing so to anotherlocation can disrupt fraud; moving someone else into a space canalso keep fraud from continuing.

|

|

3. Remember thattwo is safer than one.

|

Another way to shut down a theft opportunity, Zitting said, isto make sure more than one employee is involved key tasks such ascounting cash or approving loans, and to expand the definition ofkey tasks.

|

Many credit unions understand the wisdom behind having oneperson take a loan application and another approve it, Zittingpointed out, but not as many recognize this principle can apply toother processes as well, such as adding new vendors.

|

“The person who requests to hire a vendor should not be the sameperson who approves that hire or the same person who brings them onboard with a credit union's system,” Zitting said.

|

He related the following story that took place when he consultedwith a bank on internal fraud prevention: While assisting the bankwith launching a program that compared the addresses of the bank'svendors with the addresses of its employees, he flagged instanceswhere the addresses were almost the same. Just doing that, he said,had revealed a couple of situations that raised fraud concerns, anda couple of others where the bank had hired an employee or familymember as a consultant, which led to conflict of interest risk.

|

“Every case wasn't fraud,” he said. “But just looking andchecking up about it let everyone know the bank was looking out forfraud.”

|

|

4. Update employeechecks.

|

Zitting also suggested credit unions adopt a policy of updatingcredit checks or background checks on key employees and completingthose checks on employment anniversaries.

|

“Particularly in the cases of high level people such as chiefinformation officer or CFO,” he said. “It makes sense to updatetheir checks from time to time to make sure nothing has happenedthat could make them a bigger fraud risk,” he said.

|

Zitting also recommended updating background checks on employeesthat have enterprise-wide responsibilities and controls. Even ifthere is a policy in place that requires employees to reportarrests or other encounters with law enforcement, Zitting saidupdating background checks can ensure employees with high degreesof responsibility and authority have not been hiding sources offinancial pressure.

|

|

5. Tell employeesthat you check.

|

Zitting said it's completely acceptable for a credit union to beup front with employees about having these policies in place and tolet them know the credit union has, as part of its standardoperations, procedures in place for detecting fraud.

|

“Just the knowledge that someone cared and was looking out forfraud provided a key deterrent,” he added.

|

Alma Angotti, managing director for global investigations forthe Chicago-based Navigant Consulting, advised that credit unionsoften didn't need to set up entirely new sets of procedures formonitoring internal fraud, and that many of the rules set up fordetecting money laundering and other types of external fraud can beadapted for internal fraud protection.

|

“It's important to be sure to have someone at the credit unionwho is responsible for looking, and that they know what they arelooking for,” she said.

|

She suggested credit unions routinely look for “outliers” oraccounts that have stopped acting in predictable ways. Likewise,she said to keep an eye out for patterns and ask whether there havebeen a significant number of loan losses stemming from a certainbranch or loans that are tied to a specific appraiser. It might notbe significant, but such a pattern could be a sign of kickbacks orother irregularities, she warned.

|

Moreover, she agreed with Zitting in that credit unions shouldbe open about putting a fraud detection office or officer in place,and that these individuals regularly check data andinformation.

|

|

6. Monitor forchanges in attitude.

|

Greg Mancusi-Ungaro, Chief Marketing Officer for the Toronto,Canada-based firm BrandProtect, argued credit unions should also beaware of the rationalization side of the fraud triangle.

|

“Typically, when employees decide to 'go rogue' and use theirinsider status to take illegal actions to defraud their employer,the situation is triggered by some event: A transfer, a change inresponsibilities, being passed over for a promotion, or losing outon an expected raise or bonus,” Mancusi-Ungara wrote in anemail.

|

“Whatever the cause of the situation, the employees findthemselves under emotional or financial pressure,” he continued.“But, long before such an event occurs – particularly in afinancial institution – HR, IT and security teams should considertheir options to monitoring internal and external online actions,including printer use, network access, building access and externalactivities (public postings on social media sites) to create abehavioral baseline for their employees. Following a triggeringevent, the credit union or bank should watch those same forums forthe telltale changes in behavior, as changes in online behavior areoften indicators of an imminent insider threat.”