Credit unions are in the business of managing risk. Whether dealing with lending, investments, or liquidity, managing risk requires a careful and calculated approach.
Left unchecked, the many risks credit unions face today could have a catastrophic effect on the bottom line. “One of the biggest problems we’re seeing is losses caused by electronic fraud—wire transfers via fax or phone requests,” says Jay Slagel, vice president, risk management and claims, for Allied Solutions.
A large amount of cyber theft and data breaches originate from foreign venues, says Brad Mundine, senior manager of risk management for CUNA Mutual Group. “Much of the fraud involves money transferred overseas, both for purposes of money laundering and avoidance of U.S. jurisdiction.”
Closer to home, experts disagree on whether a down economy increases fraud. “Historically, incidences of fraud increase during down times because people become desperate,” says Patrick Touhey, senior vice president of Allied Solutions’ Bond Division. Fraud occurs across the board—wire fraud, robberies, check fraud, and employee dishonesty.”
But Mundine says risk doesn’t have as much to do with the current economic environment as it does with globalization and the opportunities for fraud it presents. “No location or person is immune to fraud. Some of the most prevalent threats we’re seeing are related to information theft.”
Besides fraudulent assaults on information technology, Mundine cites other substantial risks:
Even as credit unions face rising risks, they have fewer insurance options than before. “Insurance coverage is different than it was five or 10 years ago, with fewer options,” says Slagel. “If there are no insurance options for certain activities, credit unions have to decide how to minimize their risks.”
One example of how insurance can’t cover every form of loss, says Mundine, is check fraud. “Insurance can protect you against dishonest member acts. But it generally doesn’t [help] when a member deposits a Nigerian scam check and is later liable for the money he wired to the fraudsters, assuming the member didn’t intend to defraud the credit union.”
When they can’t get coverage, says Slagel, credit unions must install clear procedures that shield them from the limits of their policies. “We’ll evaluate a credit union’s policies and procedures and recommend changes that reduce the risk of loss.”
“Some policies will offer protection against loan fraud provided the credit union follows the policies’ conditions,” adds Touhey. “Fortunately, the process of meeting those conditions minimizes the risk of fraud.”
One way to minimize risk is by changing wire transfer procedures. The techniques that work best, though, are ones credit unions should carefully explain to members.
“If someone calls in a request to wire transfer funds from a home equity line of credit to a foreign bank, you have an immediate basis for suspicion,” says Mundine. “Some credit unions, however, might not spot this type of activity. They’re under pressure to provide good member service, and see assenting to a large withdrawal or wire transfer as fulfilling that.
“But given changes in fraud patterns,” he continues, “credit unions need to be more diligent, perhaps by setting monetary limits and implementing stronger authentication procedures, or requiring wire transfers over a certain amount to be made in person.”
Balancing fraud prevention and service, says Slagel, goes back to education. “If a credit union has to do something that inconveniences members to lessen its risk, it should tell them clearly why it’s doing that.”
Next: Privacy liability coverage