Compliance Update with Amy K
by Amy Kleinschmit
Chief Compliance Officer
9/4/2020

Internal Fraud –Prevent It, Deter It, Report It

Any form of fraud that involves a credit union employee or official is unacceptable. Credit unions must take steps to deter internal fraud and respond appropriately if fraud is discovered. While fraud may or may not result in a loss to a credit union, any unfair or unlawful gain or fraudulent activity by a credit union employee, official, third party, or credit union member should be investigated, reported, and stopped.

In the final rule issued on Fidelity Bond coverage requirements, the NCUA noted that, “between 2010 and May 2019, the NCUSIF has already lost in excess of $10 million from fidelity bonds that were voided due to the signatory being aware of fraudulent activities.” 84 FR 35520 The final rule takes steps to address the rescission issue, however, the $10 million in losses was staggering, but that was just from rescinded bonds. In the September, 2016 NCUA Report, it was reported that “In the past four-and-a-half years, the Share Insurance Fund has suffered fraud-related losses of approximately $146.8 million.”

Findings in the Third Quarter, 2017 NCUA Report, “over the last ten years, NCUA has liquidated 135 natural person credit unions, ranging in size from just under $15,000 in assets to more than $320 million in assets. A little less than half of these liquidations were caused by fraudulent activity. In recent years, fraud has played a role in several failures. In 2016, fraud was a contributing factor at 10 of the 14 credit unions that failed during the year, costing the Share Insurance Fund $6.5 million. In 2015, fraud was a contributing factor at 11 of the 16 failed credit unions for that year, costing $12.3 million.”

Fraud is obviously costly in terms of dollars that is paid by the share insurance fund – but also in terms of reputation risk to the industry. Which prompts this reminder on having systems in place to prevent and deter fraud. Credit union officials and employees are in the best position to deter fraud.

If you suspect credit union employees, officers, or volunteers have engaged in fraud – report it. NCUA’s fraud hotline is 800.827.9650. Post the fraud hotline number at your credit union for staff and volunteers to use. Callers can remain anonymous, but must provide enough information so the problem, individual(s), and credit union involved can be identified. All reports are kept confidential. You can also provide this information to your NCUA regional office or state supervisory authority, along with any questions. Allegations provided to the NCUA Fraud Hotline or the NCUA regional offices will also be reported to the NCUA OIG.

The credit union’s board of directors is responsible for establishing and maintaining a system of internal controls. The Supervisory Committee, in FCUs, is responsible for assessing the effectiveness of the internal controls through audit and review. The Board and Supervisory Committee must not become complacent, especially when it comes to the topic of fraud. Ask questions and don’t accept answers that don’t add up – trust but verify.

As discussed in the NCUA exam manual, “Credit unions can manage the risk of fraud by adopting board-approved policies in several areas, enforcing those policies, and ensuring that staff are adhering to those policies.” Some policies to deter fraud include: anti-fraud policy; internal control structure; internal control policy; travel and expense policy; hiring policy; code of ethics; and whistleblower policy.

Resources:

NCUA Examiners Guide – Fraud

Free Webinar - Deterring Employee Fraud

Free Webinar – Internal Controls

NCUA Fraud Series (8 videos) Videos  

 

FinCEN Statement

On Tuesday, the Financial Crimes Enforcement Network issued a statement regarding unlawfully disclosed suspicious activity reports (SARs). The statement is as follows: The Financial Crimes Enforcement Network (FinCEN) is aware that various media outlets intend to publish a series of articles based on unlawfully disclosed Suspicious Activity Reports (SARs), as well as other sensitive government documents, from several years ago. As FinCEN has stated previously, the unauthorized disclosure of SARs is a crime that can impact the national security of the United States, compromise law enforcement investigations, and threaten the safety and security of the institutions and individuals who file such reports. FinCEN has referred this matter to the U.S. Department of Justice and the U.S. Department of the Treasury’s Office of Inspector General.

 

Proposed Changes to Flood Insurance Q&As

Five regulatory agencies, which includes the NCUA, issued a proposal to make certain revisions to the Interagency Q&A regarding flood insurance. These revisions would address escrow of flood insurance premiums requirements; the detached structure exemption; and force-placement procedures.

Comments are due November 3, 2020 (previously due September 4, 2020) and the proposed revisions can be found here.

 

InfoSight Highlight - Don’t Miss an Important Date!

One of the great resources on your InfoSight dashboard is the Compliance Calendar.  Upcoming events are highlighted, but did you know you can also review events that have passed? Check out this valuable resource today to be sure you’re prepared for what’s ahead!

 

As always, should you have any questions or concerns please do not hesitate to contact me Amy Kleinschmit.

 

 

<< Go to Memo List