Click Cover to Read Digital Edition



Shared Servicing & Outsourcing
Feb. 23-24
San Francisco
ABA Mutual Community Bank Conference
March 1-5
Gaylord Palms Resort
ABA Mutual Community Bank Conference
March 22 & 23
Marriott Marquis
Washington, D.C.
Card Forum & Expo
April 8-10
More events >  

<- Back

Share |

Print Friendly and PDF

Fight Fraud With Strong Internal Controls

By: Robert L. Kardell and L. Rand Gambrell

Bank fraud can come in many forms: employees stealing from cash drawers, customers trying to cash altered or forged checks, appraisers inflating the value of loan collateral or bank employees and management creating fictitious loans.

Regardless of the form of the fraud, recent statistics confirm the fact that fraud continues to be a problem in the banking and financial institution industry. In fact, according to the 2008 Report to the Nation on Occupational Fraud and Abuse prepared by the Association of Certified Fraud Examiners, the banking industry is the most victimized of any industry, accounting for nearly 15 percent of the frauds reported in the 2008 report.

Misappropriation (theft) of cash on hand, which accounted for approximately 28 percent of the frauds reported, was one of the most common types of fraud reported by the banking and financial institution industry. The good news regarding this type of fraud is it tends to involve a smaller dollar amount. The average loss from cash theft in the banking and financial industry is approximately $35,000.

Corruption schemes, on the other hand, which include conflicts of interest, bribery, illegal gratuities and economic extortion, are the most common types of banking and financial institution fraud. They account for approximately 33 percent of reported cases. In addition, these types of fraud tend to be much more costly to the bank or financial institution. The average loss resulting from a corruption scheme is approximately $375,000.

What can banks do to protect themselves? To paraphrase Wendell Phillips, eternal vigilance is the key to avoiding fraud losses. Upper management must make a commitment to fraud awareness and avoidance, strong internal controls and an awareness of the warning signs and red flags of fraud.

Case Study #1

In a recent fraud case, the manager of a community bank made herself several loans from bank funds. These loans were used for her extravagant lifestyle: She owned the largest house in town, drove the nicest cars and was typically seen wearing expensive designer suits and clothing.

After rolling several loans, she would take out new loans to pay off her previous loans as they came due. The bank manager became concerned that her new boss would become suspicious of the loans because payments were never made and the loan balance was not being reduced. As a result, the bank manager began identifying customer certificates of deposit that were nearing maturity. As the CDs matured, the bank manager would use the proceeds to pay down her loans. Later, if the customer came to the bank requesting the proceeds of their matured CD, the bank manager would cash out a different customerís CD to pay the current customer. This scheme is similar to an accounts receivable fraud scheme called lapping.

Eventually, maintaining the fraud scheme was taking so much of the bank managerís time and causing her so much anxiety, she confessed to the scheme when she was notified an outside auditing firm would be conducting an audit of her branch. Even after the sale of the former bank managerís house and cars, the loss to the community bank was still several hundred thousand dollars.

Case Study #2

Another bank fraud case with a senior lending manager involved several loans tied to one particular business owner in a medium-sized community. The bank manager made loans to fund the business ownerís projects. In exchange the business owner acted as a guarantor on a construction loan for the lending managerís own house.

The scheme came apart when the lending managerís wife systematically altered the plans during the construction of the home, thereby substantially increasing its cost. The manager eventually had to forge documents in order to obtain a new loan to fund the overage on the construction costs. The bank eventually discovered the construction loan, the subsequent additional loan and then the numerous loans to the business owner/guarantor. The bank also discovered an inflated appraisal by an often-used appraiser.

After reviewing the construction loan and documentation, the bank decided to interview the builder. It was then discovered that the lending officer had provided the builder a waiver of liability on behalf of the bank, which released them from liability as co-signers on the note. A computerized review of the master loan file revealed the lending officer had greatly exceeded his lending authority and created many different loans to many individuals and entities, all of which were dependent on the success of the business owner and one particular project. At the end of the investigation, it was determined the bank loaned more than $12 million to various individuals and organizations tied to the business owner and the project.

These examples illustrate and confirm several of the findings included in the 2008 report. Corruption cases (which include conflicts of interest, such as both the bank manager taking out loans that would not be repaid and the lending manager mischaracterizing various loans in order to exceed his lending authority) can result in significant losses to banks and financial institutions. In addition, inadequate internal controls permitted the frauds to take place. In the first example, the bank had strict policies relating to loans made to bank employees and officers. However, these policies were not enforced or monitored by upper bank management.

Both examples also highlight fraud is frequently committed by upper management. In fact, according to the 2008 report, approximately 18 percent of fraud is committed by upper management. Accounting departments are the most frequent perpetrators of fraud, responsible for 29 percent of reported frauds.

Finally, in one of the most prevalent red flags of fraud, which was present in both of the cases, the fraud perpetrators had a history of living beyond their means. According to the 2008 report, in 39 percent of the fraud cases reported, the perpetrators had a history of living beyond their means. In addition, 34 percent of fraud perpetrators admitted they were experiencing financial difficulties at the time of the fraud.

Fraud Avoidance Tools

One of the most effective ways banks and financial institutions can avoid these types of fraud is to periodically review loan master and loan maintenance files. This review can include an analysis of interest rate changes made to loans, a review of loans for which the maturity date has been extended without a formal loan renewal and an analysis of loans for which payment due dates have been altered.

In addition, financial institutions should review internal policies regarding loans made to employees and management. Because these types of loans are prone to abuse, upper management should closely monitor these loans to ensure they are being paid in a timely manner and in accordance with normal loan terms.

It is also important for banks to periodically review computer system access and related internal control reporting mechanisms. A great time to review these controls is when certain events or changes in the organization take place. In the second example, the opportunity for the fraud began with the rapid growth of the bank. The bank moved its administrative offices to another location, making the senior lending officer the de facto branch manager without proper oversight. The bank also changed banking software systems to accommodate its growing organization, which allowed the lending officer to circumvent normally reliable lending controls.

These event-triggered reviews should take place every time there are changes or upgrades in software systems, management oversight, organizational structure or changes in personnel. It is imperative that controls are tested and reassessed after significant changes to preserve their effectiveness and integrity.

While the 2008 report highlights the fact fraud remains a significant problem in the industry, with some eternal vigilance, financial institutions can reduce fraud risk and avoid being a statistic in the next Report to the Nation on Occupational Fraud and Abuse.

Robert L. Kardell and L. Rand Gambrell are managing consultants and members of the forensics & dispute consulting division of BKD, LLP. Contact Kardell at rkardell(at) Contact Gambrell at rgambrell(at)

Copyright © October 2008 BankNews Publications