LAS VEGAS (12/8/15)--Sessions on internal and external fraud Monday were standing-room only during the CUNA Supervisory Committee and Internal Audit Conference in Las Vegas.
Sue Landauer, a partner with Forensic Accounting Services Group LLC, presented both sessions, which focused on the supervisory committee’s role in providing oversight.
“Every area of the credit union is susceptible to fraud,” she warned the capacity crowd. If that’s the case, what can a supervisory committee do to help protect its credit union?
First and foremost, the committee can reduce opportunity, which is the universal side of the fraud triangle, whether it is external or internal.
“Make sure the system of internal controls is working and check to make sure any fraud that is discovered is found quickly,” she said. Overrides should be controlled, vacation policies should be enforced and management and employees should fulfill an annual ethics statement.
The committee should also pull samples of loan documentation, dormant accounts, employee and board accounts, and nonfinancial transactions reports to identify red flags internally.
One of the best defenses against external fraud is to “not even let them in the door,” Landauer said. An estimated 75% of new account fraud takes place within 90 days of account opening.
“Know your member,” she said, adding that the supervisory committee can use welcome letters or phone calls to ensure the veracity of new accounts or loans.
The second part of the fraud triangle is pressure, which could be caused by a financial or a personal crisis. Landauer shared a story of a longtime credit union manager whose gambling addiction--borne by the construction of a casino nearby--moved her to defraud her credit union.
Fraudsters also use rationales such as the credit union owes them something or no one gets hurt if fraud is committed. Rationalization is the third side of the fraud triangle.
For more News Now coverage of the CUNA Supervisory Committee and Internal Audit Conference, see Keeping CUs on right track by defining what is ‘right' and Human element impacts information security.
Register here for next year's conference, set for Dec. 4-7 in Las Vegas.