Go to:

April 2019
< Mar May >
Leaguer Email Subscription

You are not currently subscribed. Click Subscribe below to receive the Leaguer email.

Fraud! Are You Next?
Monday, February 8, 2016 6:30 AM

By Pamela Blevins, Remote Financial Services Manager, Credit Union Resources

The first question asked by any individual or company that has been defrauded is, “How could this happen to me?” This is especially true when it involves defrauding an individual you know and trust. I wish I could say this kind of risk has been declining due to advancements in technology and education on fraud prevention and risk mitigation; however, in the credit union industry, it seems to be consistently on the rise.

According to the Credit Union Times, “CUNA Mutual Group said 46 percent of claim dollars paid under the company’s fidelity bond coverage from 2009 to 2013 involved employee dishonesty, which represented 14 percent of total claims filed.” 

Furthermore, Credit Union Times also reported that Mary Ann Woodson, CFO of the NCUA said, “Almost all of the NCUSIF losses from 2014’s credit union failures were due to internal fraud. She also told the NCUA board that $28.6 million or 94 percent of the $30.4 million in losses to the NCUSIF from the 12 credit union failures (that) year were related to fraud.” 

Recently it seems that credit unions are doing all they can to battle possible outside fraud, such as cybersecurity. Safeguarding from this liability is important; however, a credit union cannot solely focus on the outside threat and turn a blind eye to what may be occurring within their organization. 

Credit union staff can be a credit union’s most valuable asset or its worst enemy. NCUA has recognized this ongoing internal threat, and it is no surprise they have made some major changes to the examination process to ensure credit unions are doing what they can to deter, minimize, and prevent possible internal fraud. 

What credit unions can do to deter, minimize, and prevent internal fraud:

  • Assignment rotation. Have multiple employees crossed trained in different areas. Occasionally, rotate job responsibilities so one employee is not solely in control of one area.
  • Mandatory vacation. When an employee is on vacation, rotate an assignment. This not only makes sure the show continues, but also allows for a fresh set of eyes.
  • Segregation of duties. Consider assigning the following duties among multiple employees or an outside party:
    • Collection of cash/checks
    • Bank deposits
    • Bank reconciliations
    • Disbursements of cash/checks

No one employee should be able to collect cash, make deposits, record the deposits on the general ledger, disburse checks, sign checks, and reconcile the cash accounts.

  • Surprise Cash Counts. Match the vault, teller drawer, and ATM totals to the balances on the general ledger. Also, spot check to see if tellers are writing personal checks to place in their drawers and replacing them for cash. When teller or vault personnel are out sick, this is a good time to spot check their drawers/vault.
  • Financial Institution Confirmations. Send bank/investment confirmations letters to confirm reported balances. This process is usually conducted during your annual audit; however, if an investment letter is not returned or was waived due to the cost of the electronic confirmation fee, follow up on these investments.
  • Employee Accounts. Consistently and continually review employee accounts. When reviewing employee accounts, pay close attention for the following situations:
    • Overdrawn balances or NSF funds
    • Waived fees for NSF or returned items
    • Checks written from one account to another
    • Deposits into the account from other members or from general ledgers other than normal payroll transactions
  • Surprise loan reviews. Continually conduct loan reviews. This can be done when a loan officer goes on vacation or is out sick. It is a best practice, when possible, to have one loan officer work the loan and another to review and approve the loan for dual controls.
  • Quarterly review of new loans. Conduct ongoing new loan reviews and reviews of higher than usual delinquencies by loan officer. Also segregate the ability to approve loans and disburse proceeds on loans. A dishonest loan officer could create false loan documents and use the loan proceeds for personal gain. These kinds of situations usually result in loans with no loan payments in which the loan becomes delinquent and eventually these loans are charged-off. 
  • Corporate credit card purchases and expense reports. Review corporate credit card and expense reports for legitimacy. Review invoices or receipts as support for credit union purchases.
  • Credit union check stock/check registers. Review the check stock or check register for “missing checks.” If a check is missing in the sequence, it could be a red flag an employee has stolen a check or written a check for personal use. It could also be a sign of kiting. Checks written from one credit union cash account, not recorded on the general ledger, and deposited into another general ledger account allows a dishonest employee to use money during the “float” time before the check clears the bank.
  • Cash general ledger account history. Randomly review the cash general ledger account history for unexplained or unusual transactions. There should be minimal manual transactions posted to the cash general ledger account. Keep the following questions in mind when reviewing general ledger history:
    • Can all transactions be explained?
    • When a general ledger transaction is cleared by another general ledger transaction, why did it occur and when it cleared, where did it clear to?
    • Are there unexplained in and out transfers from one general ledger account to another?
  • Bank Reconciliations. Cash is a credit union’s most liquid asset and the asset in which most credit union fraud occurs. For this very reason, proper bank reconciliations become a credit union’s best defense against dishonest employee fraud. Consider the following questions when reviewing the bank reconciliation:
    • Is the reconciliation reconciled at least every month-end?
    • Does the reconciliation bank and general ledger balances match those on the bank statements and financial statements?
    • Are all outstanding items identified, and can they be traced back to actual postings to the general ledger or bank statement? (“Plugging numbers” is one way to hide fraudulent activity in the cash account.)
    • Does the reconciliation reconcile to zero?
    • Did outstanding items from prior reconciliations clear timely?
    • Did they clear properly? (For example did a deposit or check posted to the general ledger clear the bank, or were they cleared by an unexplained manual transaction from another general ledger account?)
    • Why are aged checks not clearing the bank?
    • Are there checks that cleared the bank that were not recorded on the general ledger as a check?

There is no way to eliminate all possible internal fraud risk. If someone wants something bad enough, there's always a way. However, by putting up road blocks the credit union’s potential risk of internal fraud can be greatly reduced.