“We must put our conviction ahead of our convenience” – Leticia Ohene-Effah
Dear Readers, I re-started a series on one of the feared inside threats in financial institutions – internal fraud. I also quoted several extracts from various data analysed around the globe which prove that fraud is indeed no respecter of persons.
Kudos to the Mentor with Swag – Mrs. Leticia Ohene-Effah (Co-Founder, Lead Afrique International)
This trendy lady is a course-mate who sits next to me in a course I am currently pursuing at CEIBS. Incidentally, she is a host of the Saturday morning CitiFM radio programme FamLife, which offers counsel on family life and relationships. She was later nicknamed ‘Madam Ethics’ by the class due to her strong stance on ethical issues. It is always refreshing to see people with such strong convictions about ethics and morality. Leticia, continue doing what you do best as you mentor our younger generation on strong ethical principles. If they imbibe it, it will reduce the rate of collusion and internal frauds within institutions. I am celebrating you today.
Fraud is different from Mistakes
Before I continue, I wish to make a clear distinction between mistakes and fraud. Mistakes are sometimes the pathway to great ideas and innovation. Mistakes are the stepping-stones to moving outside the comfort zone to the growing zone where new discoveries are made and great lessons are learned. Mistakes are neither failures nor fraud. They are simply the process of eliminating ways that won’t work in order to come closer to those that will.
A note of caution however, is the fact that some departments of financial institutions are known for their strict conventional rules and regulations. Leaving one’s comfort zone just to try new methods should be done with guidance to ensure the institution does not encounter a major catastrophe. Innovation in marketing, sales, customer service is great. Go on, and try out the new methods there.
Causes of Internal Fraud (continued)
In many countries, banks’ primary focus for fraud prevention & detection is only on Retail Banking, while ignoring Corporate and Investment Banking and support functions like Procurement, IT and Operations. Let us look at more internal sources of fraud:
- Greed of Tellers and Vault Custodians: On a fine afternoon twenty years ago, a Teller barged into my office and stood in front of me, shivering as she uttered: “Manager, I have committed a sin!”. What had happened? She broke down in front of me saying that a customer was on his way to see the Operations Manager and collect a statement of his account. This was a normal occurrence but with this case, she knew the outcome would make her receive the marching orders.
Apparently, she had been suppressing the customer’s deposits and crediting the deposits as and when she could refund them. Of course, she did receive the orders, but the bank suffered reputational damage. In such a case, it was pure greed. Such deeds can be difficult to detect. That is the reason why customers are advised to check their statements in case of genuine mistakes or fraud.
- Improper Management of cheque books stock and payment orders: Where do you keep your cheque books, payment orders and other valuable documents like Fixed deposit receipts? Is it under dual control or under strict monitoring conditions? There are numerous cases of fraudulent pull-outs of such banking instruments, which are subsequently misused to steal from either customer accounts or the bank’s.
- Inadequate Credit Appraisal: Every financial institution’s backbone is credits, and the deliberate manipulation of customers’ data and accounts to facilitate approval of loans has always been the root of bank collapses.
- Monitoring & Collections/Recoveries: When sympathy replaces empathy, some loan monitoring officers become compromised and connive with customers to give wrong information on call reports to benefit the customer – much against the bank’s interests.
- Incomplete Account Opening processes: Deliberately shutting one’s eyes to the obvious during account opening is the window to bank fraud. Supervisors of account-opening should ensure the ‘boarding pass’ into the bank’s space is fool-proof.
- Technology Vendor Selection: This sensitive issue about poor selection of computer software providers can cause financial loss to the bank when the system proves unfriendly and unreliable.
- Bad Procurement Practices: Collusion between staff and service providers also results in financial losses when goods supplied are shoddy and of low quality. Sometimes over-stocking of some supplies causes them to be obsolete or unusable.
- Inadequate Monitoring of General ledger: Access to the general ledger and suspense accounts used to hold funds temporarily – such as loans, dormant accounts, or funds awaiting transfer – can be tampered with by very knowledgeable staff who can cover their tracks. Investment banking staff can manipulate suspense accounts or create ficticious accounts to benefit themselves. There are instances of investment bank officers diverting clients’ investment deposits into their own personal accounts, to work with briefly before investing for the client.
- Fraudulent Changes in Customer Data: Some bank staff make false changes in the system about customers’ information. These include address, telephone contacts, emails, and next of kin. The question is: Does the system allow this without a prompt, an over-ride or authorization by a supervisor without any source document? Then, a word to the wise……
- Fraudulent IT changes: Staff with IT administrator privileges can play a key role in internal frauds; for example, by granting administrator rights to non-IT staff to quickly approve a fraudulent transaction. How often is your User-access matrix reviewed? Abuse of administrator privileges is one of the key internal-fraud risks facing financial institutions.
Occasionally you may come across some highly-trusted IT staff with ‘super-user profiles’ to go into the live ‘production environment’. This high-level access inevitably creates opportunities to carry out or validate fraudulent transactions. Problems can arise when IT departments neglect to remove temporary ‘extended rights’ from staff after a specific project finishes – leaving them with greater access to the core system than they should rightly enjoy.
- Theft of Customer data for Fraudsters: In 2010, an intern was approached by a fraudster to supply him with customers’ data to enable cheque-cloning and other theft to be facilitated. He only needed to supply the gang with customers’ names, account numbers, signatures, cheque numbers, etc. In return, he would have been given an SUV and a stay in South Africa. Fortunately, he did not accept the juicy offer.
- Unavailability of Specialist Systems Auditor: Who watches the gatekeeper? Superior IT users who are in charge of the core banking system can be very difficult to monitor without specialist software tools. They have a lot of opportunity to make changes on the system that could lead to frauds; such as inter-account transfers, logging-off users to re-set them after using their IDs. Scary, isn’t it?
The list is endless. I will pause here as you reflect on some of the new revelations.
To Be Continued…
ABOUT THE AUTHOR
Alberta Quarcoopome is a Fellow of the Institute of Bankers, and CEO of ALKAN Business Consult Ltd. She is the Author of two books: “The 21st Century Bank Teller: A Strategic Partner” and “My Front Desk Experience: A Young Banker’s Story”. She uses her experience and practical case studies for training young bankers in operational risk management, sales, customer service, banking operations and fraud.