Good From The Inside Out. Saturday, April 8, 2017

Similar documents
Presented by: Michael Moreau, CFE, CIA, CFSA Manager, Credit Union Group Macpage LLC

Employee Dishonesty Lessons Learned: Internal Controls

Looking for Fraud Through Rose-Colored Glasses

To Receive CPE Credit

Watching the Vault: Employee Dishonesty

HOW TO SPOT AND MITIGATE FRAUDULENT ACTIVITIES

Describe Fraud in the Context of Financial

Reduce Your Risk: Understanding Internal Controls and Fraud Risks and Prevention

Types of Fraud, Detection and Mitigation Presentation by: Isaac Mutembei Murugu CIA, CISA 23 rd November Uphold public interest

Fraud Examination. Prevention, Detection, and Investigation. Steven M. Bragg

FRAUD TRENDS TO WATCH FOR IN Presented by: Daniel J. Mahalak

Defending Against the Latest Fraud Trends

Fraud Risk Assessment CARRIE KENNEDY, PARTNER DUSTIN BIRASHK, PARTNER

Stop Fraud in Your Office. Presented by: Margaret A. (Peggy) McGarrity, Esq., CPA

Financial Transactions and Fraud Schemes

FRAUD EXAMINERS MANUAL INTERNATIONAL EDITION

Equifax Data Breach: Your Vital Next Steps

Fraud Detection in Public Schools

Dig Deep into the Root Causes of Fraud to Prevent Future Attacks

FRAUD: A Web Of Deceit

Fraud Prevention & Detection. Eric Conforti, CPA, CFE April 17, 2018

An overview of the fraud threat to business, including the particular threat posed by electronic funds transfer fraud

OAPT June 9, Deterring Fraud and the Latest Fraud Schemes in Public Entities TAKE AWAY #1

MMAAA Annual Meeting. Conducting an Investigative Audit June 13, Presented by: John J. Sullivan, CFE Melanson Heath

AGA Risk and Fraud Webinar

Bank Secrecy Act and OFAC Compliance Board of Directors Training

Everything You Didn t Want To Know About Employee Crime

Subject: Identity Theft, G-113 Department: All & Branches References: Part 717, NCUA Rules and Regs, FACT Act, Companion SOP s G-30 (Opening New

Lecture Notes for How to Steal $500 Million

11/9/15. Fraud in Non-profit Organizations: What You Need to Know NOW!

Asset Misappropriation. Peter N. Munachewa, CICA, CFIP, CFE

FINANCIAL STATEMENT FRAUD: DETAILED LOOK AT UNCOVERING CREATIVE ACCOUNTING FRAUD: P R E S E N T E D B Y : J O H N E K A D A H

Table 1: Historical Summary of Revenue Lost to Fraud. Estimate of Revenue Lost to Fraud

2015 Bank Secrecy Act

Red Flag Rule Procedures Under Princeton University s Identity Theft Prevention Program Effective: December 31, 2010

ROCHESTER INSTITUTE OF TECHNOLOGY

Revenue Scotland Counter-Fraud Policy

INTERNAL FRAUD PREVENTION:

IIA Fraud Conference. Case studies from recent investigations. 8 April 2015

Have you dealt with fraud in the past?

CSMFO CONFERENCE 2018

Financial Crime - Early Warning Signs the role of Internal Audit in recognizing red flags

SAMPLE AUDIT REPORT. Sample Credit Union. Report on Operations. As of Audit Date

Financial Accounting, 1e Chapter 6: Ethics, Internal Control, and IFRS Test Item File

Safeguarding the Financial Assets of Your Church. Indiana Conference of the United Methodist Church

EXERCISES. The complete AICPA summary of Section 404 of Sarbanes-Oxley is as follows: Section 404: Management Assessment of Internal Controls.

CU PolicyPro Policy Guidance. March 2018

ANTI-MONEY LAUNDERING FOR LENDERS

for Boards 2015 Spring Leadership Development Conference

Its Not About If, Its About When! Learning how to protect your organization.

Lecture notes for: Corporate Cons

Insights Into Accounting Schemes and Scams

Crime Coverage Section Application (Large Public Company > $1B revenues)

FRAUD EXAMINERS MANUAL (INTERNATIONAL EDITION)

PREVENTING FRAUD IN THE HOSPITALITY INDUSTRY

Fraud: How to Get Your District Free Publicity

Note: Action items are italicized

ELDER FINANCIAL ABUSE How to spot it How to stop it

Paul D. Vanchiere, MBA

WILLIAM I. ESKIN, CPA. Presentation to : Southeastern Accounting Show FINANCIAL STATEMENT ANALYSIS/FRAUD. August 18, 2011.

November 2017 ICPAK FORENSIC AUDIT SEMINAR

Bank Secrecy Act OFAC FinCEN

FRAUD EXAMINERS MANUAL

Employee Benefit Plan Fraud Examples

Identity Theft Prevention Program Procedure

POLICY: FRAUD PREVENTION. October 2017

by: Stephen King, JD, AMLP

Approval version. G l o b a l P o l i c y : F r a u d R e s p o n s e a n d W h i s t l e b l o w i n g P o l i c y. Board of Directors.

Financial Statement Fraud

Great Internal Controls and Then IT Happens Fraud!

Cash and Internal Control C AT EDRÁTICO U PR R I O P I EDRAS S EG. S EM

1/3/2013. Months. Other $75,000. Government $81,000. Non-Profit $100,000. Dollars. Public Company $127,000. Private Company $200,000

Securing Your Balance Sheet Fidelity/Crime Insurance. Presenter: Mary da Costa, Manager, Corporate Insurance

INSURANCE. Forensic services. Helping to protect your business from fraud, misconduct and non-compliance ADVISORY. kpmg.com/in

University System of Georgia s 2016 Georgia Summit Fraud in Higher Education

Fraud prevention for credit unions

Internal Routine & Controls (IRC) & Fraud New York Region Directors College

OLD DOMINION UNIVERSITY PCI SECURITY AWARENESS TRAINING OFFICE OF FINANCE

Fraud Cases and Lessons Learned

27 th Year of Publication. A monthly publication from South Indian Bank. To kindle interest in economic affairs... To empower the student community...

Palomar Community College District Procedure AP 5900 PREVENTION OF IDENTITY THEFT IN STUDENT FINANCIAL TRANSACTIONS

Chapter 2 Skimming. 2. To a fraudster, the principle advantage of skimming is the difficulty with which the scheme is detected. a. True b.

Fraud in Government. Mike Nolan, CPA, CFE, CGMA. CCACC & CCA&RMC Conference Monterey, CA September 2014

REPORT TO THE NATIONS ON OCCUPATIONAL FRAUD AND ABUSE 2016 SOUTHERN ASIA EDITION

Identity theft and abuse of information in fraud and corruption

Anti-Money Laundering and Terrorist Financing Prevention Compliance Program Creation Guide

An Expensive Problem. Fraud in Government A Growing Problem

INTERNATIONAL STANDARD ON AUDITING 240 THE AUDITOR S RESPONSIBILITY TO CONSIDER FRAUD IN AN AUDIT OF FINANCIAL STATEMENTS CONTENTS

Internal Bank Fraud Schemes & Scams in an Economic Downturn. Fictitious Loans. Bank Fraud Investigations. Tracking spreadsheet Affidavit 1 Affidavit 2

2. COVERAGE REQUESTED DESIRED COVERAGE: (PLEASE CHECK THE COVERAGE REQUESTED) LIMITS REQUESTED Employee Theft Forgery or Alteration Theft Inside Premi

Chapter Five: Student Services and Operations AP 5800 PREVENTION OF IDENTITY THEFT IN STUDENT FINANCIAL TRANSACTIONS

Audit Planning PRESENTED BY: MICHAEL L. FORTMAN, CPA SENIOR MANAGER BROK A. LAHRMAN, CPA SENIOR MANAGER

REPORT TO THE NATIONS ON OCCUPATIONAL FRAUD AND ABUSE 2016 GLOBAL FRAUD STUDY

What do they investigate

Auditing and Assurance Services, 15e

gamevy Anti- Money Laundering Detecting and Preventing Financial Crime Training for Gamevy

Catch Me If You Can. Fraud in Local Government. CITY & COUNTY OF SAN FRANCISCO Office of the Controller Audits Division

PROTECTING YOUR NONPROFIT ORGANIZATION FROM FRAUD AND EMBEZZLEMENT

POLICY: Identity Theft Red Flag Prevention

2018 Hiscox Embezzlement Study : An Insider s View of Employee Theft

Transcription:

Good From The Inside Out Saturday, April 8, 2017

What s New?

Just last week

Ex-CFO Accused of Embezzling $20M From Credit Union -Detroit Free Press January 9, 2016 Headlines

Recent headlines Engaged CU Employees Run Check Fraud Scheme for Drugs She worked as an accounting specialist for a $26.8M CU He worked as a teller at a $42.9M CU Allegedly responsible for 328 fraudulent checks that were deposited into 6 different accounts Allegedly responsible for 429 unauthorized ACH transactions deposited into 3 different accounts The check scheme ran from January 2015 through March 2016 Total loss $374,459 Couple faces up to 40 years each in prison and $100,000 fine

The Reality For every headline we read, there are a dozen cases of insider fraud that are kept quiet. The problem is bigger than we d like to admit. Everyone is capable of committing fraud.

The Good, The Bad & The Ugly Good News Most insider fraud is limited to thousands rather than millions Your bond may cover most losses associated with insider abuse Law enforcement is more willing to investigate than in the past Bad News If news goes public, your reputation may take a hit Your credit union may become insolvent Clean up will be expensive Confidence will be undermined You can t trust anyone

Fighting Insider Abuse

Why is fraud committed? Attitude is everything it can happen to you! Motivation: Pure intent at the outset Greed Operational failures that lead to opportunities Weak policies Weak procedures Lack of supervision or review No dual control or file maintenance reviews

Types of fraud Misappropriation Largest amount of fraud in this category Least costly Employee theft, exploitation of resources Corruption Employees use the company for their own benefit Bribery, extortion and conflict of interest Financial Statement Fraud Least amount of fraud in this category Employee omits or intentionally misstates information Fictitious revenue, hidden liabilities or inflated assets

Recognize Your Risk The first step to preventing internal fraud is to admit that it exists in the first place.

Where Are We at Risk? Liquid Cash/Coin Loans Corporate drafts Misc. negotiables (tickets, stamps, etc.) Equipment/Supplies Static Identities Member account info User ID & Passwords Investments Credit reports

Who Poses A Threat? Board/Volunteers Staff Members Strangers

Risks to your Credit Union Trends Employee theft for financial or personal gain Be aware of behavior or personality changes Insider espionage-targets internal data and trade secrets Sold on the market for a higher rate of return

How Do We Manage The Risk? Knowledge of your tools Checks & balances Internal Controls Segregation of duties Reports that track risky behavior Review bond coverage annually Stay current on risky topics

Types of internal controls Directive Preventive Detective Corrective

Directive Controls Designed to establish desired outcomes Policy and Procedure Approval limits Laws and regulations Training Job description IT configurations

Preventive controls Proactive in detecting issues with an emphasis on quality Preventative Controls require: Authorization and approval Supervision Segregation of duties Controls over access to resources and records

Examples of Preventive Controls Segregation of duties to ensure the same person is not: Initiating and recording transactions Making purchases and approving payments Ordering and accepting inventory Approving vendors and making payments Receiving bills and approving payments Preparing, distributing, approving, writing and signing checks/posting payroll

Examples of Preventive controls Passwords for IT systems Supervisory approval of payroll before disbursement Dual authorization of payroll data by accounting and human resources departments Prior approval of credit customers, vendors and purchases Loan underwriting, approval, and disbursement Shredding sensitive information

Detective controls Measures a company uses to identify issues that can be corrected Monitoring and oversight activities conducted on a regular basis File maintenance reports Employee and relative account monitoring Reconciliation Audits Physical Inventories

Corrective controls Response to errors or irregularities that have been detected System backups Quality Control Corrective journal entries

Think Like A Criminal Case Study #1: Zombie Accounts

Profile: Credit Union X CU Asset Size: $440M Position: Head teller/bsa officer Method: Takeover of deceased member accounts Total money embezzled & laundered: $738,000 Time period: 5 years

Who Head Teller was responsible for: Her own cash drawer The vault BSA Officer Scheduled and random cash audits Managing deceased accounts Profile: Employed for 18 years Never sought advancement opportunities despite being qualified Ultra reliable, rarely took any time off Known for her exacting attention to detail and thorough work No red flags of living beyond means, pricey purchases

How When the credit union would receive notice of death from SSI, the perpetrator would hide the notice so the account looked like it was still active Slowly, the perpetrator would siphon money out of the deceased s account by making cash withdrawals from her teller drawer and pocketing the cash, transferring money to other accounts under her control and using fraudulent ATM cards Coded the accounts not to generate statements Targeted dormant accounts with large balances, less likely to have relatives showing up looking for the funds

How Did It End? After 5 years and approximately 40 accounts, the crime was finally discovered by accident when another employee found a death certificate for one of the zombie accounts When confronted, the perpetrator immediately confessed, explained her system and admitted she used the funds to gamble with at a local casino CU terminated employment immediately, filed a SAR and a bond claim

Hindsight is 20/20 Prevention Should have had better checks & balances in place Although policy called for periodic audits, they were not being done As CU grew, analysis of duties should have been reviewed & reassigned Mandatory vacation policy Aftermath CU just wanted to make the problem go away Should have done forensic audit to verify the depth of the fraud Did not seek criminal charges against perpetrator

Think Like A Criminal Case Study #2: Fake It To Make It

Profile: Credit Union Y CU Asset Size: $71M Position: Loan Officer Method: Fake Loans Total money embezzled & laundered: $121,000 Time period: 9 months

Who MSR was responsible for: Opening new accounts Processing loan applications Closing loans Profile: Employed for 9 months Quickly became most prolific loan processor Previous employer was Ford Motor Credit Married to Ford executive, upper class lifestyle

How MSR would open accounts with stolen identities, issue debit cards and then put in loan applications under those accounts Centralized lending gave loan approvals MSR would close loans on fake accounts and access funds via debit cards Made payments on fraudulent loans with proceeds from new fraudulent loans, so the fake loans never went delinquent

How Did It End? Also discovered by accident, another CU employee saw member s Lexus parked in driveway in a run down neighborhood. When asked about it, MSR seemed very flustered. Employee reported this to internal auditor, who then looked into activity and caught the fraudulent loans. Before HR could act, MSR quit and walked out. CU filed bond claim, had forensic audit performed and reported activity with SAR.

Hindsight is 20/20 Prevention CU had strong checks & balances in lending process, but were weak in account opening process CU didn t perform background check, which would have alerted them to similar activity that led to her termination from Ford Aftermath CU contracted forensic audit to uncover full scope of fraud Sent notice to all affected consumers whose identities were used Deleted all fraudulent trade lines from credit reporting Did not seek criminal charges against perpetrator

How policies and procedures help Policy and Procedure give specific direction for employees to follow A measure of accountability by management Makes exceptions to policy and procedure more obvious to staff Should include oversight by management

Best practices Know your employees! Thorough background checks Follow up on references Review accounts before hiring and after Education Educate staff at a minimum of annually & new hires during orientation Employee s responsibility to report suspicious behaviors Fraud policies Establish communication channels for whistleblowers

Best practices Annual independent audit Independent 3 rd party analyze all areas for risk Utilize data analytics Software to identify trends, patterns and exceptions in data Requires human judgment to determine if data is detecting fraud

Best practices Rotation of duties Cross train employees to perform multiple jobs Dual purpose-succession planning Compulsory vacations Require employee relinquish duties for at least one week Requires another employee to be fully trained to perform duties Remote access must be blocked

Best Practices NCUA Fraud Hotline- 800-827-9650 MCUL Anonymous Whistleblower Hotline- 800-262-6285 ext. 193

Questions? Thank you for your time!

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback