Sometimes, it seems as though fraud is committed by the most unlikely people. Other times, an employer may look back and realize that the red flags were there, but no action was taken until it was too late. In either case, instances of fraud are often a wake-up call to an organization that has not made strong efforts to reduce the potential for fraud committed from within.
To begin using measures to prevent insider, or occupational, fraud, credit union leadership should be aware of the reasons why a person might commit fraud in the first place. The Association of Certified Fraud Examiners explained that fraud occurs when three criteria are met, also called the fraud triangle. Before someone engages in fraudulent activity, he or she:
- Has a financial need.
- Has the opportunity to commit fraud.
- Finds a way to rationalize the crime.
Credit unions can reduce the risk of occupational fraud by addressing each of the three sides of the fraud triangle.
Addressing criteria No. 1: Financial need
Being aware of employees' lifestyles and home situations can give greater insight into how risky an employee is.
According to research from the ACFE's 2016 Report to the Nations on Occupational Fraud and Abuse, 45.8 percent of cases of occupational fraud involved a person living beyond his or her means. Another 30 percent of cases included someone experiencing financial hardship.
Credit Union Times pointed out that a credit union's human resources department can play a big role in deterring fraud before it happens. If they noticed that an employee chose to take out a loan against his or her 401(k), or their wages are garnished, for example, it could be a sign that there are financial struggles at home that could lead to feeling pressure to find funds elsewhere.
Taking the time to reach out to that employee to determine how the credit union can help ease their struggles, or just to show that the institution cares about employees' situations, may make them reconsider a bad move.
It's not uncommon for employees' situations change during their time working at the credit union. There are also instances when someone's financial challenges are already a major part of life when they are hired, but don't reveal them. It's important to be aware of this information during the onboarding process, Credit Union Times explained. Some tried and true ways to find red flags among new hires include:
- Conduct a background check - 5.6 percent of occupational fraud cases include someone with past legal issues, according to ACFE.
- Require a drug test - 10 percent of cases involve someone with an addiction.
- Check their credit report if allowed in that state.
- Ask for professional references - 6.8 percent of cases involve someone who's had past employment problems.
Addressing criteria No. 2: Opportunity
It's not always obvious when someone's home life is becoming difficult. ACFE found that in 8.8 percent of cases, the individual committing fraud didn't show any common behavioral signs of risk. Since the first criterion isn't always obvious, it's important to ensure no single employee is given the opportunity to commit fraud.
Reducing opportunity can be difficult in a small credit union when employees need to be given a certain level of clearance to perform their job duties. However, there are ways to control those permissions to lower the risk.
Take, for example, the common fraud scheme of phony loan origination. If the employee is in charge of both loan approval and loan disbursal, he or she has ample opportunity to steal funds. Dividing these tasks between two individuals will reduce the chances of fraud.
The same idea can be applied to the task of retrieving cash from the vault. If certain employees are trusted with the entire code of entry into the vault, they may walk in filled with temptation. But, if two employees are required to get into the vault - perhaps one person has the first half of the code, and a second person has the other half - it's far less likely that one or both of them will steal.
Some types of fraud require the thieves to be completely hands-on so they can continuously cover their tracks. ACFE found that three tell-tale signs of fraud are:
- An unwillingness to share their job duties with others.
- Demanding control over their job functions.
- Refusal to take vacation time.
As such, one way to prevent certain types of fraud is to make it impossible for someone to have complete control over any aspect of the credit union. Additionally, required vacation times during which another employee performs another's job functions can eliminate certain opportunities.
Addressing criteria No. 3: Rationalization
While employers can't control their employees' thought processes, credit union leadership and human resources can remind employees of what is expected of them. Requiring that employees read and sign a fraud policy on an annual basis will serve as a reminder that the credit union takes this issue seriously and has no tolerance for insider fraud.
One of the most vulnerable times during an employee's tenure at a credit union is when their employment is coming to an end. This is regardless of whether they are leaving on amicable terms or they were let go, Mike Tierney, chief operating officer for SpectorSoft, a user activity monitoring and analysis software company, told Credit Union Times.
"People who are leaving a company are more likely to take something with them," Tierney said. "What we know is that one out of every two employees surveyed say they think it is OK to take corporate data with them when they leave. I've seen surveys where 18% of employees admitted to stealing corporate intelligence after leaving a company. When 18% are admitting it, you know the number is a lot higher than that."
During the exit interview, the credit union should give leaving employees the opportunity to own up to an attempt at taking information. Tell them directly that, if they already have or are planning on taking information, to return or destroy it. Additionally, review confidentiality agreements during the exit interview to remind them that the credit union won't tolerate crime from its employees, past or present.