Take Time For Lessons Learned - Check Fraud
2 comment(s)
As I mentioned in a previous post, each fraud case that hits the news provides an opportunity to analyze your internal control environment and determine whether or not the same fraud could be perpetrated against your institution. Let's consider a recent report of bank fraud:
- 30 perpetrators involved in scheme
- 8 banks targeted
- Names, date of birth, addresses, social security numbers and bank account numbers gathered from three sources: bank employees, a car dealership employee and an insurance company employee
- Runners would use fake driver's licenses to cash fraudulent checks/perpetrate fraudulent withdrawals from the customer's accounts
- At least one bank employee would cash "large†dollar checks for runners
- Many check runners were drug addicts. Ringleaders would provide clothing for driver's license photos
- Ringleaders would accompany runners to cash checks
- Total loss - $1 million
If we start with how the money left the bank, and work backwards, we can develop some good information. First, the article does not indicate if the checks negotiated were "on-us" versus "not-on-us".
Let's assume that since the fraudsters had all of the information available to commit identity theft that they focused on "on-usâ€. Also, let's also assume that the fraudsters did not visit the customer's "home" branch as doing so would raise the risk of bank employees knowing the customer and identifying the fraudsters. Consider the following potential red flags:
- The customer is wearing the same clothes as they appear to be wearing in the driver's license photograph. In addition, their clothing may appear to be ill-fitting or soiled. They appear nervous. Alternatively, they are making a concerted effort to appear relaxed
- The same individual (ringleader) visits the bank with different customers (runners) yet he does not approach the teller
- When asked for ID, the runner produces a driver's license from their pocket (not a wallet, or bill fold)
- Check cashing appears to be inconsistent with the customer's previous account activity (for example, they have no check activity, or they normally use debit cards etc)
Note: Since the article mentioned that the gang had a bank employee that would cash "large" checks, the fraudsters may have used that employee to cash "not-on-us" when needed.
Since most of the red flags noted above need to be observed (the employee must know what to look for, and be able to recognize it when they see it) the chances of stopping the fraud using this approach are low. Also, most importantly, the fraudsters have bank employees on their payroll. The employees will have no doubt been asked (or required) to share in minute detail the bank's internal policies and procedures.
Alternatively, let's consider how the bank employees that were recruited by the ringleaders might be uncovered. In order to perpetrate fraud, the employees would need to access the victim's accounts then print, email or transcribe the account information. Again, working backwards from the money leaving the bank, the next step for all "on-us" frauds should include a review of who accessed the account, when, and where they are located within the bank.
Remember: this fraud is collusive (multiple banks, multiple employees, runners, ringleaders). Collusive fraud creates patterns, and patterns can be detected. Given the number of banks involved, the pattern that you have access to in your bank may not be as well formed as the pattern at another bank, therefore cooperation with other banks can be crucial to stopping this type of fraud. But that's a discussion for another column.
Has your bank uncovered a check cashing ring? How was it discovered? What did you learn from the investigation?