1 / 66

White Collar Crime in America The Enemy Within

White Collar Crime in America The Enemy Within. Prepared for the NCUCA April 6, 2018 The Venetian Hotel.

carylg
Download Presentation

White Collar Crime in America The Enemy Within

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. White Collar Crime in AmericaThe Enemy Within Prepared for the NCUCA April 6, 2018 The Venetian Hotel

  2. Employee theft happens more often – and for longer periods of time – than thought. For the past three years, an insurance company looked at active employee theft cases in the US federal court system. Over the course of their research, some trends started to emerge:

  3. More perpetrators have positions in finance and accounting, but embezzlement happens in every department, at any level. The financial services industry continues to have the highest number of cases of employee theft, but no industry is immune.

  4. Small businesses face disproportionately high costs for white collar crime compared to large firms. More embezzlement is committed by women than men, by a small margin. www.mainsailtrim.com

  5. Embezzlement by the Numbers $1.13 Million average (mean) loss $319K median loss 55% occurred at companies with less than 100 empl. 37% were committed by someone in finance or accounting position. 30% of cases occurred in the financial services or government sector.

  6. Embezzlement by the Numbers 48 yrs old, the median age of the perpetrators. 37% of losses greater than $500K 23% of losses exceeded $1M 51% committed by women. 29% lasted for more than five years! www.mainsailtrim.com

  7. Every Company is at Risk Companies of any size are at risk for embezzlement. Small and mid‑sized companies are disproportionally victimized by employee theft, larger companies suffer a higher median loss.

  8. Every Company is at Risk Small or mid-sized Business $289,863 median loss 50.2% of small business perpetrators are female Large Business $452,025 median loss 54.7% of large business perpetrators are male www.mainsailtrim.com

  9. Most Common Scheme FUNDS THEFT!

  10. Warning Signs of Embezzlers Intelligent and curious Embezzlers pick things up quickly, are eager to know how everything works & once they learn the processes, they manipulate them for their own gain. Egotistical risk-taker Rule breaker in and out of work life – from speeding tickets to overusing ‘sick time.’ Disgruntled An employee who feels they are being treated unfairly may be tempted to steal to ‘even the score.’ They may be unable to relax, or may experience severe changes in behavior.

  11. Warning Signs of Embezzlers Diligent and ambitious An embezzler may come in early and leave late, and never take vacations. This can appear to be dedication to the company, but in fact it is an effort to keep from being found out. Extravagant Embezzlers will often flaunt their wealth, so watch for employees who are clearly living a lifestyle that is out of proportion to their salary.

  12. Anatomy of a long ‑running scheme The longest‑running scheme found went on for 41 years! $2.2 Million – 5 years or more. (average loss) $5.4 million – 10 years or more. (average loss) 29% of employee schemes lasted more than 5 years. 37% of schemes in financial services lasted longer than 5 years. Most long running schemes involve employees working alone.

  13. Most Common Schemes The most common methods used in long‑running schemes were check fraud and funds theft.

  14. A scheme dating back to the Late 70’s With two sets of books, an Iowa credit union employee carried out a theft from the time of her hiring in 1978 until 2015.

  15. “We need to dispel the myth that embezzlement is all about elaborate schemes constructed by financial wizards. Oftentimes the most damaging cases result from simple skimming of relatively small amounts over time; just enough to fly below the radar. There may be no long‑term diabolical plot at all. The employee errs, thinking ‘I’ll never do it again.’ And it gets easier and easier to do the next time, and the next.” M. Jeffrey Beatrice Former Managing Director and General Counsel for Anti‑Money Laundering at Citigroup and longtime Assistant United States Attorney in the District of Columbia.

  16. At Risk Businesses Financial Services Municipalities/Government Manufacturing Real Estate/Construction Labor Unions Healthcare Retail IT/Telecom www.mainsailtrim.com

  17. Industry Class % of Cases Median $ Loss Financial Services - 17.8% - $273,843 Municipality/Government - 12.4% - $68,705 Manufacturing - 10.2% - $558,172 Real Estate/Construction - 9.6% - $352,805 Labor Union - 6.1% - $36,647 Other Services - 6.1% - $165,000 Healthcare - 5.1% - $437,016 Retail - 4.3% - $485,800 IT/Telecom - 3.3% - $2,400,000 www.mainsailtrim.com

  18. Common themes, common schemes www.mainsailtrim.com

  19. Common themes, common schemes www.mainsailtrim.com

  20. Common themes, common schemes www.mainsailtrim.com

  21. What’s Needed For Embezzlement Need Opportunity Rationalization www.mainsailtrim.com

  22. What Creates Need? • Drugs • Mounting debts • Boyfriends/Girlfriends • Alcohol • Gambling • Family related problems www.mainsailtrim.com

  23. What Creates Opportunity? • Lack of management oversight • Missing or weak internal controls • Not following internal controls • Employee finds the weakest link www.mainsailtrim.com

  24. Rationalization It just got out of control I’m not paid as much as I should be I was this close to winning it all back, just a few more dollars and I’ll have it It’s really not a kite, just using the float I’m going to pay it back It just isn’t that big of a deal

  25. Case Studies www.mainsailtrim.com

  26. Case Study #1 Facts Result Internal auditors conducted ‘surprise’ cash count of drawer, found to be over $21,000 short Count of unprotected 20,’s was found to be over $58,000 short Total loss over $80,000 Employee & their supervisor, terminated! • Head teller took frequent trips to Vegas • Teller drawer hadn’t been counted in over a year • Bundled cash of $20’s was sitting unprotected in safe

  27. What to Do Surprise Cash Counts • Cash counts are a surprise. • Cash counts are conducted frequently. • The individual responsible is present. • Cash totals are verified. • Strict dual control. • Spare key control.

  28. Case Study #2 Facts Results Was keeping checks and negotiating at other institutions Was advancing due dates on loans Discovered loss of over $20K • Loan officer could approve and fund loans • Was driving a vehicle that was above their pay grade • Would accept payments from members • Would frequently come in early, stay late, not take full vacation. • Was able to make maintenance changes on loans unchecked

  29. What to Do Loan Reviews • Paid ahead due date of more than three months. • High amount of interest due, but the loan is current. • Original loan amount and current loan amount are the same, but the loan is not listed on the delinquency report. • New loan reports by loan officer. • Delinquency/charge-off report by loan officer. • New loan report vs. loan officer reports. • Is a post disbursement quality control review completed?

  30. How to Fix It • Confirmations of loans • Non payroll • Unsecured • Credit cards • Call members • Mail confirmation

  31. Case Study #3 Facts Result Repairs authorized that did not increase the credit unions chance at recovery (kickbacks to Supervisor) Repo at CU, did not have new tires, but supervisors car did. Would notify friends and acquaintances of current bid so they could offer $1 more. • Collections Supervisor had unchecked authority over repossessions, repair authorizations and bidding process. • Supervisor authorized 4 new tires on repo. • Supervisor, acting alone, accepted and reviewed bids on repos

  32. What to Do Repossession Policy & Procedures • Repairs should be authorized/reviewed by higher level employee • Evaluation of repairs suggested Vs return on investment should be conducted • Bids should be reviewed by a Committee

  33. Case Study #4 Facts Result Employee account review was finally performed by Risk Management, who discovered the “kite.” Total amount of checks deposited over the two years - $850,000 CFO Terminated! • CFO was depositing numerous checks from his wife’s B of A account. • Was writing checks from his credit union account to B of A. • No one in accounting questioned it because, he was the CFO • Continued for 2 years • Was living above his pay grade • Children in private school

  34. How To Find It • Review employee accounts at least quarterly. • Train employees to identify anomalies (kiting, etc) and to report suspicious activity no matter who it is. • Use computer reports to identify unusual activity.

  35. How To Fix It • Interview principal • Obtain written statement • Proof of loss audit • Notify Bond Co. • File Bond Claim

  36. Case Study #5 Expense Report Abuse www.mainsailtrim.com

  37. How They Inflate Expense Reports? • Inflating mileage • Submitting the same receipt multiple times • Asking for advances and then requesting a second payment after returning from the trip • Submitting the receipts of a nonemployee (e.g., spouse) • Submitting hotel reservation printouts (with projected cost), but not spending the night there www.mainsailtrim.com

  38. The Weakness • No one is properly reviewing the expense reports. Also, the company may not appropriately communicate the penalties (what happens when fraud is detected) for false reporting. www.mainsailtrim.com

  39. How to Fix It • Create a written expense report policy that all employees sign, acknowledging their agreement to abide by the guidance. • The person reviewing the expense reports should be trained. www.mainsailtrim.com

  40. Fight It • Written Policies • Cash handling • Teller over/short • Loans & credit cards • Expenses • Repossessions • Account maintenance • Fraud policy

  41. Fight It • Internal Controls • Exclusive control • Dual control • Separation of duties • Audit procedures • Accountability • Responsibility

  42. Discussion • Losses Sustained at Your Institution: • What happened? • How was it discovered? • What was the response?

  43. What to do if you suspect an employee is on the take www.mainsailtrim.com

  44. How to Catch an Embezzler www.mainsailtrim.com

  45. What Not To Do • Don’t Jump To Conclusions • Don’t Conduct Group Interviews • Don’t Interview an Employee by Yourself • Don’t Rush To Confront • Don’t Interfere With Law Enforcement www.mainsailtrim.com

  46. Employee embezzlement schemes are often the product of an absence of proper internal controls or a breakdown of those controls. Regular audits and control testing can help to mitigate exposure. And never underestimate the importance of adequate due diligence in the hiring process. Steven J. Durham Former Chief of the Fraud and Public Corruption Section United States Attorney’s Office, Washington D.C. www.mainsailtrim.com

  47. Assigning a Risk Level • A malicious insider threat to an organization is a current or former employee, contractor, or other business partner who has or had authorized access to the organizations network, system, or data and intentionally exceeded or misused that access in a manner that negatively affected the confidentiality, integrity, or availability of the organizations information or information systems. • In short, someone that was given proper access and used in improperly.

  48. Using Risk Levels • A company can often detect or control when an outsider (non-employee) tries to access company data either physically or electronically, and can mitigate the threat of an outsider stealing company property. However, the thief who is harder to detect and who could cause the most damage is the insider – the employee with legitimate access.

  49. Using Risk Levels • Translate risk levels into appropriate levels of scrutiny. • The greater the access, the greater the need for review. • Align a monitoring plan to your risk levels: • High risk positions should be actively monitored • Low risk positions should be passively monitored • Inspect what you expect! (Is access being used properly?)

  50. Active Employee Monitoring • Active monitoring for detailed contextual visibility. • The recording of employee digital activity and having the data collected available for review, reporting, and retention. Active monitoring (occasionally referred to as employee surveillance) is typically employed where there is cause to do so. • Best for – Productivity, Investigations, and Security.

More Related