At the ACUIA (now ACUARP) Annual Conference in June, ViClarity hosted a breakout session on fraud trends, discussing insider fraud, common consumer scams (external fraud), and tangible fraud monitoring and prevention steps that credit unions can take to stay ahead of it all. Here’s a summary:
Insider fraud is on the rise in credit unions. Much of this can be linked to weak internal controls left over from pandemic-era changes. Some credit unions that relaxed dual controls and other staff-reliant measures during shut-downs and social distancing requirements have not taken the steps necessary to get back to normal. Combine lax controls with an economic downturn and societal prioritization of convenience over safety and it’s no surprise the Association for Certified Fraud Examiners observed the notable uptick.
Accurately detecting insider fraud requires quality training. Leaders should deploy a two-part training strategy:
Because staff turnover and shortages persist, it’s essential to provide ongoing training and to ensure cross-training between individuals and teams.
Credit unions should also consider specific fraud prevention guidelines from the National Credit Union Association, including establishing fraud and anti-nepotism policies, internal controls, bonding of employees, background checks, and segregation of duties.
It’s critical to establish and document fraud prevention procedures — and to update and review those procedures regularly. At a minimum, these procedures should include:
Insider fraud impacts credit unions institutionally, but credit unions also deal with external fraud that impacts member accounts almost daily. The activities observed by experts in the past year have evolved with the current economy and technological advancements. Fraudulent actors are continuously finding new ways and resources to take advantage of consumers.
Many types of fraudulent activities are used to gain access to the kinds of vulnerable information that eventually leads fraudsters to an individual’s financial accounts. The most common scams noted by the FTC in 2022 were imposter scams, online shopping, prizes, sweepstakes and lotteries, investment scams, and business and job opportunities. The number of total scams is likely much higher than the FTC’s official count as a vast amount of fraud goes unreported. Along with those scams, check fraud and identity theft have seen a resurgence, and peer-to-peer (P2P) fraud continues to rise in popularity.
While all these trends are worth monitoring for, P2P fraud is especially interesting because of proposed legislation that could drastically impact credit unions and their operations. In the past, regulators have not held financial institutions liable for authorized fraud (when a member willingly sent the funds) via P2P platforms. Regulators are proposing to change that. If they are successful, financial institutions could be on the hook to reimburse all fraudulent transactions, which are increasing in dollar amounts and popularity.
As fraudulent activity continues to evolve through the fluctuations of the economy and technological advancements, credit unions must focus their energy on monitoring and prevention. Keeping staff and members up-to-date and aware of current fraud trends is one of the most impactful ways a credit union can combat fraud internally and externally.
In addition, risk assessments should be completed to steer staff focus towards problem areas, directing the most preventative energy to the most significant threats.
Many organizations use automated monitoring systems to flag suspected transactions. To get the most out of these systems, it’s important that the parameters set by a credit union capture the right information for what their specific organization considers risky behavior. Conducting regular, independent validations also can help maximize the effectiveness of an automated monitoring system.
Whether it’s a team member who suspects a colleague is up to no-good or a member who has been scammed out of money, fraud is often accompanied by fear and embarrassment. This often makes reporting fraud difficult for people. Credit unions that take a proactive stance against fraud — through training and education bolstered by sound policies and procedures — establish a culture that makes reporting problems much easier.
Your team and your members should know that fraud is now a matter of when, not if. Empowering them to spot and stop fraud is your credit union’s best chance at weathering the tumult of scams while also maintaining financial soundness and lifelong member loyalty.
If you suspect fraud is present in your organization and are not sure how to proceed, contact the NCUA hotline at 800.827.9650 or via the website.
Article originally published in Audit Report magazine, authored by Carrie Helmle, ViClarity’s Senior Director of Audit Services. ViClarity is a company of the California and Nevada Credit Union Leagues and a benefit of League membership.