1. “All hands on deck”
the fight against fraud
k.d.karydias
Group OpRisk Officer
2. Background
Banking fraud is as old as the industry itself, and is one
of the largest expenses faced by many financial
institutions
The economic effects of the market downturn are
exacerbated by a surge in financial crime
Financial pressures can lead the honest into dishonesty
and open up new opportunities for criminals
Fraud doesn’t appear in management best-sellers, in
MBAs courses or as part of management training and
consultancy. Business is awash with “best-practice” on
generating and maximising profit, but woefully lacking in
knowledge of how to minimise and manage losses
2
3. Three Myths
Not our organisation: management often
operates under the false impression that its bank
is immune to fraud
We understand our fraud risks: Banks have been
fighting an enemy about which they know very
little and even less about how to deal with them
The deterrent myth: fraud investigations have a
significant preventative effect
3
5. Source of tips
Employees were the most common source of fraud
tips
Customers, vendors, competitors and other non-
company sources provided at least 34% of fraud
tips
Fraud reporting policies and programs should be
publicised not only to employees, but also to
customers, vendors and other external
stakeholders
5
6. Anti Fraud Programs ...
... must meet five primary objectives:
Prevention, stop incidents of fraud occurring
Deterrence, deter potential fraudsters from even attempting
any fraudulent activity
Disruption, make life as difficult as possible for the fraudster.
Keep the fraudster on the move and under pressure
Identification, a good fraud prevention strategy will help to
identify high-risk activities and weaknesses in the control
environment
Legal action, effective strategies will reduce the likelihood of
needing to resort to costly civil actions or time consuming
and disruptive criminal proceedings
6
7. Use of Technology
Highly effective technology tools are available to
detect and investigate fraud
Anti-fraud software and electronic information
resources are only as good as the individuals using
them
Even the most wonderful high-tech anti-fraud tools
are not foolproof
We must still rely on people to detect indicators of
possible fraudulent activity and to blow the whistle
7
8. P-D-R Responsibility
Employee education is the foundation of preventing
and detecting fraud
Staff is the bank’s top fraud detection method
Employees must be trained in what constitutes
fraud, how it hurts everyone in the company and
how to report any questionable activity
Having the knowledge to Prevent, Detect and
Report fraud is not enough to cut fraud losses. Make
it the responsibility of everyone in the bank to use
that knowledge to take action against fraud
8
9. Red Alerts
“Fraudsters exhibit behavioural warning signs of their
misdeeds”
This human element of fraud, demonstrated in red flags,
is not identified through an audit or other traditional
controls
Staff should be
trained to recognize these and other common behavioural
signs that a fraud might be occurring
encouraged not to ignore such red flags, even when discovered
by accident, as they might be the key to detecting or deterring
a fraud
ACFE president James D. Ratley, 2010
9
10. Know your People
Many fraud prevention experts use the so - called 20 - 60 - 20
rule to illustrate the human component of fraud:
Approximately 20% of the people in any bank will never steal — no
matter what
Their character and integrity are so strong that nothing could pressure or
tempt them to do anything dishonest
Another 60% of the people in the bank are fence sitters, they are
basically honest people
But if given the opportunity to commit fraud and the risk seems minimal
to them, they might cross the line.
The remaining 20% are fundamentally dishonest, they will always
commit fraud when the opportunity arises
In fact they will often try to create opportunities to steal or deceive if
they think they will gain financially.
10
11. Educating Customers
customer education and awareness of fraud risk are
vital both as detection and prevention means as
well as a response to their concerns
competing priorities within firms between fraud
mitigation and ‘customer experience’
worries of
putting customers off by implementing controls which
are more stringent than those of the competitors
exposing the bank to negative publicity
11
12. Roadmap
Consider fraud risk as an integral part of an overall
corporate risk management strategy
Develop an integrated strategy for fraud prevention and
control
Develop an ownership structure which cascades
downwards throughout the organisation
Introduce a fraud policy statement
Introduce an ethics policy
Actively promote the policies through the organisation
Establish a sound control environment
Establish sound operational control procedures
12
13. Roadmap cont’d
Introduce a fraud education, training and awareness
programme
Introduce a Fraud Response Plan, as an integral element of
organisational contingency planning
Introduce a Whistle blowing Policy & a reporting ‘hotline’
Constantly review all policies and procedures
Constantly monitor adherence to controls and procedures
Establish a ‘Learn from Experiences Group’
Develop appropriate information and communication
systems
13
14. Epilogue
Fraud is a many splendid thing.
Anything can happen
anywhere and at any time.
Stay alert!!
“With a gentleman I am always a gentleman and a
half, and with a fraud I try to be a fraud and a half.”
Otto von Bismarck (1815-1898)
14
