The NCUA offers the following tips to prevent fraud in your CU.
November 1, 2012
Since it can be difficult to detect fraud schemes, The NCUA Report’s September 2012 newsletter offers the following tips to combat fraud in your credit union:
Implement a fraud policy that also requires employees to read and affirm each year. No credit union is too small for a policy, which spells out specific penalties, including termination. Most important, should a violation occur, credit unions must enforce the penalties.
Establish a fraud hotline at the credit union and/or provide the number for NCUA’s toll-free fraud hotline at 800-827-9650. Tips are important in detecting fraud, so make sure staff are aware that you have a hotline.
Smaller credit unions should actively involve their supervisory committees when there’s a lack of segregation of duties—due to limited staff—that prevent dual control over the critical areas of cash, investments, and loans. The supervisory committees, in this instance, would perform surprise cash counts on a regular, but random basis.
Establish individual user and password controls. This policy will thwart a fraud perpetrator from hiding behind another employee. Additionally, establish access controls for performing transactions. For example, the individuals approving or creating loans shouldn’t be performing disbursal or payment transactions.
The board of directors for all federally insured credit unions must stay on top of and follow through with recommendations from examiners, auditors, or internal auditors that correct identified weaknesses in internal controls.
Take advantage of NCUA’s online Information Center atncua.gov/Resources/Cnsmrs/Fraud. This website includes an update of current fraudulent schemes aimed at credit unions, contains details about the agency’s fraud hotline (all reports remain confidential), offers background on phishing schemes where emails are purportedly coming from NCUA, links to suspicious activity report (SAR) forms and guidance, and connects credit unions with other resources readily available, including the Federal Bureau of Investigation, U.S. Postal Service, and the President’s Identity Theft Task Force.