When we hear the word fraud, our own personal ideas and experiences about it usually come to mind. An official definition of fraud as published by the Institute of Internal Auditors in its International Professional Practices Framework, is “… any illegal act characterized by deceit, concealment, or violation of trust. These acts are not dependent upon the threat of violence or physical force. Frauds are perpetrated by parties and organizations to obtain money, property, or services; to avoid payment or loss of services; or to secure personal or business advantage.”
For financial institutions, typical fraud schemes include one or more of these components: corruption, cash, billing, check tampering, skimming and larceny. To detect corruption, financial institutions usually check the list of problematic customers published by the U.S. Treasury Department’s Office of Foreign Asset Control (OFAC. Cash schemes often take the form of transactions that fall just below the regulatory reporting threshold. To identify such schemes, a financial institution may need to recognize a series of cash disbursements by a customer that together exceed the threshold. Similarly, determining that an unusually large number of fees have been waived by a branch or an employee of a bank may help uncover fraudulent billing schemes. Larceny, committed when a customer account is taken over by a fraudster, can be detected by identifying sudden activity in dormant customer accounts. In all cases, knowing and identifying your customers will help you uncover these fraud schemes.
Focusing on this, Mercadien recently hosted a seminar on the use of consumer profiling as a means to prevent and/or detect fraud. Seven key factors to evaluate in your customer risk-rating methodology were presented, including their:
- Geographic area/location
- Volume of anticipated transaction activity
- Type of customer – Individual or business? Elderly? Political? If a business, what type of buiness: sole proprietorship, LLP, LLC, corporation, etc.
- NAICS (North American Industry Classification System)
- Code for businesses
- Standard Occupational Classification (SOC), career listing for individuals
- Product/services offered by the customer/business
- Length of relationship with your bank.
Scoring each of these factors will result in an overall and useful risk rating for each customer.
Certain consumers should automatically be considered high-risk, such as those with privately-owned ATMs and non-bank money service businesses. While risk rating should be performed at account opening, equally important are periodic reviews and reassessments of accounts, through alert monitoring and/or enhanced due diligence. The latter can take the form of site visits to a customer’s business location, as well as comparing anticipated financial activity to actual results.
Mercadien provides regulatory compliance advisory services to help banks develop or fine tune their risk rating methodology. Our experienced professionals can also perform audits or validations of your BSA (Bank Secrecy Act) system. To learn more about the beneficial impact stronger consumer profiling and risk assessment can have on your institution, please contact me at firstname.lastname@example.org or 609 689-9700.