Willie Sutton, when asked why he robbed banks, famously replied, “Because that’s where the money is.” So, it’s no surprise that banks are prime targets for fraud. According to the Association of Certified Fraud Examiners (ACFE), the banking and financial services industry consistently tops the list of industries most frequently affected by occupational fraud.
ACFE conducts a biennial survey and publishes the results in its reports on occupational fraud. Survey participants include certified fraud examiners (CFEs), internal auditors, accounting and finance professionals, compliance and ethics professionals, law enforcement, and other fraud investigators around the world. In the most recent edition, Occupational Fraud 2022: A Report to the Nations, banking and financial services again had the most occupational fraud cases (351 of the 2,110 cases studied). The average loss was approximately $1.74 million and the median loss was $100,000.
Important caveat: A high number of fraud cases may or may not mean that the banking and financial services industry experiences more fraud than other industries. It also might indicate that the industry employs more fraud investigators than other industries do — or it’s more heavily regulated. Either way, fraud is a significant problem.
Categories of fraud
ACFE classifies occupational frauds into the following three categories:
In the banking and financial services industry, the majority of occupational frauds (84%) involve asset misappropriation, while corruption occurs in 46% of cases and financial statement fraud happens in 11% of cases. Note that while financial statement fraud is relatively infrequent, it tends to produce the largest losses.
The most common asset misappropriation schemes in banking and financial services are:
Keep in mind that these are only the most common occupational fraud schemes. Banks also may be victimized by a variety of external fraud schemes, such as check fraud, vendor fraud and cybercrimes.
A strong system of internal controls is an excellent fraud prevention measure. For example, background checks, segregation of duties, dual authorization and management review are some of the most effective tools for preventing fraud.
Indeed, ACFE’s survey found that many frauds occur because of the lack of internal controls (29%), the override of existing controls (20%) or the lack of management review (16%). Although deterring fraud is the best strategy, despite your best efforts, fraud may still occur. Have controls in place to detect fraud and put a stop to it before it gets out of hand. (See “Antifraud controls and percentage of fraud reduction,” below.)
According to the ACFE, the most common way frauds are initially detected is through tips (42%). Most often, tips are from employees, but they also may come from customers, vendors and others. It’s a good idea for banks to set up hotlines where people can report suspected fraud via phone, email or online forms (preferably all three).
Regardless of which mechanisms your bank uses, you should allow for anonymous reporting. The ACFE reports that around 16% of tips were anonymous. In addition, frauds are commonly detected through internal audits (16%), management review (12%) and document examination (6%).
Evaluate your risk
Each institution is different, so it’s a good idea to conduct a formal risk assessment to identify your bank’s specific vulnerabilities to fraud. Such an assessment will help you develop an antifraud program designed to mitigate those vulnerabilities and protect your bank from fraud.
Sidebar: Antifraud controls and percentage of fraud reduction
The following table summarizes the antifraud controls that were most effective in terms of reducing fraud losses and duration, according to Occupational Fraud 2022: A Report to the Nations.
|Antifraud control||Loss reduction||Duration reduction|
|Job rotation/mandatory vacations||54%||50%|
|Proactive data monitoring/analysis||47%||56%|
|Formal fraud risk assessments||45%||44%|
|Fraud training for employees||45%||33%|
|Code of conduct||40%||33%|
Contact us with questions.