In a recent blog post from Verafin, it is discussed that one of the biggest threats to an organization is employee/internal fraud. When employees abuse their position for personal gain and exploit assets such as identifying information or confidential data to commit illicit activities, is considered employee fraud.
It is especially prevalent in financial institutions in which employees have access to large amounts of personal identification information and financial transaction data, along with access to member accounts.
Here are a few tactics that dishonest employees may use to commit fraud against credit unions:
Monitor accounts for activity and skim funds from inactive or less active accounts
Skim funds from unmonitored accounts, such as elderly customers
Reverse NSF fees and transfer the refunded charges to their own personal account
Open fraudulent accounts with stolen or fictitious information, collecting the employees sales reward, and closing the accounts
Manually modifying sales numbers to increase employee sales rewards
These schemes can add up to significant losses if left undetected. In order to protect the credit union from threats such as these, credit unions should have processes and strong internal controls in place.
Monitoring of both employee access logs and transactional activity can alert credit unions to fraudulent activity. Verafin highlights these examples of fraudulent activity:
Cash theft, such as skimming members’ cash deposits and force balancing the drawer
Unauthorized cash or cashier’s check withdrawals from customer accounts
Refunding customer charges or fees to the employee’s personal account, including manually posting transactions to an employee’s personal account
Sharing confidential information with third parties