History Repeats Itself
"Those who don't know history are destined to repeat it." - Edmund Burke
Some banks seem destined to repeat history. They experience a fraud, conduct a thorough investigation, and then close the case. Within a matter of weeks, or maybe months, they experience the exact same fraud. Why? They failed to improve the bank's ability to detect and prevent fraud even though they had most, if not all, of the information available from the first loss.
A highly trained investigator that I worked with often remarked that investigating the same type of fraud over and over is "like paying the admission price and not watching the movie." Granted, some types of fraud are extremely difficult to detect, prevent and eradicate, but doing nothing to lower the probability of reoccurrence is just not defensible.
Pulling the plug on an investigation too soon can result in a failure to uncover the root causes of the fraud. To further complicate matters, there is often pressure from senior management to wrap up the investigation. As an investigation is entering the closing phases, ask the following questions:
- With what we now know about the fraud, do we have a plan in place to prevent a similar loss in the future?
- Do we fully understand how the fraud was perpetrated?
- Did our existing fraud detection system(s) uncover the fraud? If not, do we know why not? If gaps were identified, do we have a plan to remediate?
- If the fraud was collusive in nature, do we have a solid understanding of the players, their roles, how they were connected and how to detect it in the future?
- Have we identified the failures in people, process and technology using the appropriate forensic techniques and tools?
- Have we appropriately documented the investigation in our case management system? Better yet, have we created the appropriate alerts to uncover similar fraud in the future?
- Have we documented any control weaknesses? Do we have a plan to remediate that includes ownership and due dates?
Consider the case that I previously discussed involving two Bank of America employees who raised the credit limits on client accounts. The funds were then disbursed for the benefit of a third party, obviously without the permission of the client. In theory, with what we know about the case, and using the methodology above, the following changes could be made to stop the fraud from reoccurring:
- Implement reporting that identifies all employees in the bank that have the ability to increase credit limits as well as reporting to monitor credit limit increases
- Develop a review of the level of approval needed to grant an employee the authority to raise credit limits
- If the client statements were placed on a "do not mail" list, create reporting that monitors accounts that do not receive statements
- Launch an audit that monitors the type and number of bank accounts that employees access
- Utilize robust case management / forensic tools to compare output from all of the reports noted above to develop fraud suspect reports
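The last item above, comparing the output of the individual reports, can be sketched as follows. This is an added example, not code from the original post or from any bank's tooling; the record layouts, the employee and account identifiers, and the access threshold are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample data; field names and values are assumptions for illustration.
AUTHORIZED = {"emp_a", "emp_b"}            # staff allowed to raise credit limits
NO_MAIL = {"acct_17", "acct_42"}           # accounts with statements suppressed
LIMIT_CHANGES = [                          # (employee, account, old_limit, new_limit)
    ("emp_a", "acct_03", 5000, 6000),
    ("emp_b", "acct_17", 5000, 25000),
    ("emp_b", "acct_42", 8000, 30000),
    ("emp_c", "acct_42", 30000, 45000),
]
ACCESS_LOG = [                             # (employee, account) lookups
    ("emp_a", "acct_03"), ("emp_b", "acct_17"), ("emp_b", "acct_42"),
    ("emp_b", "acct_55"), ("emp_b", "acct_56"), ("emp_c", "acct_42"),
]

def suspect_report(changes, access_log, authorized, no_mail, access_threshold=3):
    """Correlate the individual reports into one ranked list of employees."""
    reasons = defaultdict(set)

    for emp, acct, old, new in changes:
        if new <= old:
            continue  # only increases are of interest here
        if emp not in authorized:
            reasons[emp].add("limit increase without authority")
        if acct in no_mail:
            reasons[emp].add("limit increase on do-not-mail account")

    # Count distinct accounts touched per employee, not raw lookups.
    accounts_seen = defaultdict(set)
    for emp, acct in access_log:
        accounts_seen[emp].add(acct)
    for emp, accts in accounts_seen.items():
        if len(accts) > access_threshold:
            reasons[emp].add("accessed %d distinct accounts" % len(accts))

    # More independent signals rank higher; ties are broken by employee id.
    ranked = sorted(reasons.items(), key=lambda kv: (-len(kv[1]), kv[0]))
    return [(emp, sorted(why)) for emp, why in ranked]

if __name__ == "__main__":
    for emp, why in suspect_report(LIMIT_CHANGES, ACCESS_LOG, AUTHORIZED, NO_MAIL):
        print(emp, "->", "; ".join(why))
```

An employee who appears on only one report may be unremarkable; the ranking surfaces those who appear on several at once.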
So share your thoughts: do banks spend enough time learning from history, or are they destined to repeat it?