When you’re trying to right fraud, you cannot just look at external threats. Unfortunately, some of the most pernicious threats can come from the inside, and to protect your financial institution and your customers, you need to be constantly vigilant.
To point you in the right direction, here is a brief look at some of the most pervasive types of internal fraud affecting banks followed by a list of the signs of internal fraud.
Types of Internal Bank Fraud
Bank fraud committed internally can take a number of different forms including the following:
- Transaction reversals: A teller accepts a deposit from a customer and then reverses the deposit and pockets the funds.
- Account manipulation: A banking professional removes fees or charges from their own account or from a friend or relative’s accounts.
- Data theft: Banking employees steal personal data from customers, and then, they open accounts or apply for loans in their names.
- Internal collusion: Two or more bank employees work together to bypass internal controls and steal money from the bank.
- IT changes: Someone in the IT department temporarily grants administer rights to an unauthorized employee so they can approve a fraudulent transaction.
Internal bank fraud can also take the same form as fraud committed at other organizations. For instance, someone in the payroll department could start generating checks for a fake employee. Or someone in the accounting department could start issuing payments to a fraudulent vendor.
Red Flags for Internal Bank Fraud
The signs of internal fraud vary based on the type of fraud being committed. However, there are several issues you should look out for in general. If you see any of the following red flags, you may need to investigate further to determine if fraud is occurring.
1. Multiple customer complaints about incorrect balances
If you receive an increased volume of customer complaints about issues such as incorrect balances or deposits not being credited, an employee may be the culprit. As indicated above, employees may take deposits from the customer, reverse the transaction, and pocket the funds. Or, they may make other unauthorized changes to customer accounts.
2. Unexplained increases in expenses
Unexplained increases in expenses may indicate that an employee is drafting payments to a fake vendor and pocketing the money. To find this type of fraud, you should regularly check for new vendors and make sure they are authorized.
Also, look for issues such as a vendor with the same address as an employee or a vendor using a drop shipping address instead of a real street address.
3. Unusual invoice patterns
Unusual patterns with invoices can also be a sign of internal bank fraud. In particular, duplicate invoices may be fraudulent, and amateur embezzlers often draft invoices with even numbers such as $5,000 or $10,000.
Similarly, if a vendor’s invoices are all in sequential order, you’re either their only client, or they may be a fake vendor created by an employee stealing from your financial institution.
Additionally, you need to keep an eye out for payments issued under the threshold that requires manager approval. People who commit fraud internally often know which payment amounts require additional approval, and they may draft invoices or issue payments under those thresholds.
4. Employees who refuse to take time off
An employee who works all the time and puts in extra hours on the weekend may seem like an asset to the company, but they can be a liability. When employees refuse to take time off, they may not want anyone to step into their role, and if they are stealing, this can have disastrous effects on the bank.
For example, the collapse of French investment bank Société Générale in March 2008 was perpetrated by a trader who had not taken a day off for eight months.
5. Employees under pressure
Most internal fraud does not happen in a vacuum. Thieves typically require three elements to commit a crime: pressure, opportunity, and rationalization.
Ideally, your internal controls should reduce the opportunity for crime, but if you know that an employee is under financial pressure, you should keep an eye on them. They may rationalize the idea of stealing from you and take any opportunity that presents itself.
6. Bypass of validation controls
If you see any signs that internal controls are being bypassed, your financial institution may be the victim of internal fraud. Internal controls are designed to reduce the risk of fraud, but they can be bypassed in different ways.
For example, someone in the IT department may grant additional privileges to another employee so they can bypass a control. Or two employees may collude together to bypass internal controls. In other cases, a single employee may just find a way to get expenses approved without a second layer of authentication.
Breaches of rule-based controls are often discovered in audits, but this creates an unfortunate delay between the crime and detection. Ideally, you should have some type of fraud detection tool working in real-time in the background.
7. Activity in dormant accounts
Unscrupulous employees may be tempted to steal funds from a dormant account. They may assume that they won’t get caught if the account holders have forgotten about the accounts.
In these cases, you cannot rely on the customer complaining because they may never notice the losses. As a result, the onus falls on your financial institution to monitor activity on dormant accounts.
At SQN Banking Systems, we are committed to helping our clients fight all types of fraud at their financial institutions. We have a variety of anti-fraud tools and solutions, and we can also help you review your fraud processes to ensure you’re not missing anything. To talk about how we can help you, contact us today.