Flower Shop Fraud
0 comment(s)
Committing bank fraud is easy when you have help on the inside. That’s what the prosecutors in the UK think happened in a $2m fraud scheme involving high net worth accounts. Between July and September 2008, a gang lead by Neil Wynne targeted Barclays Bank branches throughout the middle of England. Prosecutors believe that the gang had help from a bank employee as they had an uncanny knack for picking the best accounts to target. They also had no problem overcoming the bank’s security procedures. They just can’t prove that an employee was involved – at least not yet.
Here’s the scheme… With a fake passport in hand, one member of the gang pretended to be the owner of an existing, well-funded, Barclay’s Bank account. A second member of the gang posed as the accountholder’s partner.
Once the new account was opened, the gang proceeded to transfer money from the existing account to the newly opened account. They would then launder the proceeds through other accounts as well as purchase foreign currency and make cash withdrawals. Some of the money actually made its way overseas to be reintegrated back in to the UK banking system at a later date.
How do you prevent this type of fraud? Since the gang used fake passports during the account opening process, bank employees could be made aware of the tell tale signs that a passport was fake. Branch employees could also be given photographs of the suspects. But let’s be honest, how realistic is it to expect branch employees to be experts in detecting fake passports as well as memorizing the faces of every suspected fraudster that targets the bank? For a bank in the United States with a large regional or national footprint it is almost impossible to ensure that employees have all the information at their fingertips to stop a particular fraud scheme. Bottom line: how many branch employees have time to study every communication that comes from the home office?
So really, how could this fraud have been stopped? The gang needs information on accounts with large enough balances to make the fraud worthwhile. They also need enough of the accountholder’s personal information to trick a branch employee in to opening a new account. Finally, the gang will need to steer clear of a branch that will know what the accountholder looks like.
Could a fraud detection solution be programmed to flag an employee that is surfing for accounts with high balances where the accountholder resides outside of the UK and subsequently printing or emailing the customer’s personal information to themselves or a third party? Absolutely! If that doesn’t uncover the insider, change the rules and try again. May be the employee is changing account statement addresses to that of their own. Or, they might be printing the account statements and walking out the branch with the information in hand. You are only limited by your ability to imagine what the employee’s actions will look like in your data. Ideally, such a rule should be deployed proactively well in advance of the first attempt to commit fraud. If the fraud is already in progress, the fraud detection engine can be redeployed to monitor account transactions between apparently related accounts. Again, use your imagination and think about the data footprint a fraud leaves within your systems.
Or, you can wait for fraud to happen and then attempt to limit losses by educating branch employees on the red flags. I know which option I prefer…
Posted in:
New Account Fraud
Collusive Networks
Deposit Account Fraud