Region IV Report
A WATCHFUL EYE ON FRAUD
Fraud is an ever present possibility and an unfortunate reality
within the credit union system. The fraud that takes place at
financial cooperatives like credit unions can be particularly
devastating not only because the money lost comes from all
members, but credit unions have been put into conservatorship
because of it. A watchful eye must be a constant in this battle
against fraud. As such, the key to preventing fraud is putting
in place a sound system of internal controls and keeping
vigilance over what has been put in place.
A strong internal control system is a credit union’s best
defense against fraudulent activity while weak internal
controls provide a breeding ground for substantial losses or
even failure. It may be only one person who commits the
fraud, but lax management oversight along with a failure of
the supervisory committee to perform its vital functions may
allow this individual to embezzle for months, if not years.
There is a long list of internal control weaknesses that, in
some combination, have been present in credit union fraud
cases. In reviewing a series of fraud and embezzlement cases,
NCUA produced Letter to Credit Unions 96-CU- 4 which lists
common factors. When a management team is reviewing
internal controls to spot deficiencies and plan for
improvement, keep in mind these common traits:
; A weak and/or uninvolved Supervisory Committee;
; Limited staff;
; Recordkeeping problems or out of balance conditions;
; Overdue or poor annual audit and/or member
; Manipulated records; and
; Trusted staff.
NCUA Board Chairman Debbie Matz has often noted the
vital importance that volunteers play in the “short-term
perseverance and long-term success of our nation’s credit
unions.” The Supervisory Committee is a critical link for the
perseverance and success of a credit union that Chairman
Matz alludes to. Among the duties of the Supervisor
Committee members are to review internal controls, perform
verifications, and complete audits.
These functions are required in regulation and set out in the
Supervisory Committee Guide. This valuable guide not only
lays out the responsibilities of committee members, but also
provides instructions on how to complete various reviews. It
may be found on the NCUA Website at http://www.ncua.gov/
Legal/GuidesEtc. An active supervisory committee is vital,
especially in small credit unions with limited staff, who are
faced with finding creative ways to incorporate the checks and
balances provided by segregation of duties in larger credit unions.
Recordkeeping problems, out of balance conditions, overdue
audits or member account verifications, and manipulated
records create a dangerous environment for fraud to take root
and go undiscovered. Accurate and up-to-date records and
audit trails are, in themselves, deterrents to fraud.
Listing “trusted staff” as a fraud trait may seem counter-intuitive, but in many fraud cases, the perpetrator is an
employee working for the credit union for many years,
garnering trust in the absence of controls. These employees are
often familiar with operations and know where internal control
weaknesses exist. As an individual’s personal situation changes,
so do the incentives for enrichment and criminal behavior.
Experts often refer to the “Fraud Triangle” when discussing
this topic. The three components of the fraud triangle are
motive or pressure, opportunity, and rationalization. Pressure
might start simply as a series of overdue bills or a personality
turned over to greed. As we have alluded to in this article,
opportunity is created by poor management, weak internal
controls, and when trust is always assumed, but not properly
tested. Rationalization is a key ingredient in this volatile mix
because a person’s fraudulent behavior may be perceived by
him or her as an acceptable norm.
The best way to prevent this triangle from being formed is by
taking away opportunity. That entails all that we have
discussed here in terms of staying on top of internal controls
and a Supervisory Committee that is active and dedicated to
consistently perform its important tasks. Internal controls are
not static, they need to be evaluated and periodically updated
and improved to keep up with the credit union’s growth or use
of technology as just two factors to consider. Once the internal
control environment is assessed, then weaknesses can be
determined and policies can be put in place for improvement.
As we continue into the new year, our shared goal of
safeguarding credit union assets needs to be forward thinking.
As credit unions evaluate lending programs, interest rate risk,
and liquidity contingency planning, they should also consider
whether their internal control environment is sufficiently
robust to offer protection from potential fraud. NCUA
examiners will continue to review internal controls through
the examination and supervision process.