Guard Against These Emerging Fraud Risks

Credit Union Magazine
April 1, 2010 | COMMENTS

Credit unions face numerous challenges and risks daily, not the least of which is fraud. Here are two emerging fraud risks CUNA Mutual Group's risk management department is recommending credit unions prepare for in 2010.

Wire/ACH transfer fraud

This is one of the hottest fraud trends, particularly among accounts of small- and medium-sized businesses. The FBI reported nearly $100 million in attempted fraudulent automated clearinghouse (ACH) transfers took place during the first 10 months of 2009.

Crooks commonly execute this fraudulent activity at credit unions by accessing a member's account through the credit union's Internet banking system. It sounds difficult, but it's not that complex.

Consider this example:

Your trusted employee, Sally—a veteran officer who executes wire/ACH transfers for your credit union—opens an infected e-mail or visits a Web site hosting malware (malicious software). After one click, Sally's computer is infected, and the malicious program on her computer records log-on data for your credit union's accounts.

That information is relayed to fraudsters who use the recorded information to initiate ACH or wire transfers to other institutions.

How can you mitigate this type of fraud? Two effective ways are with commercially reasonable security procedures and monetary limitations.

Commercially reasonable security procedures are member/credit union agreed-upon procedures. These are intended to verify that a payment order or communication was initiated by the member, and to detect errors in the transmission or payment order itself.

Security procedures use algorithms or other codes, identifying words or numbers, encryption, callback procedures, or similar security devices. Signature comparison is not by itself a security procedure for requests made when the member is not present.

Monetary limitations are simply that: your credit union limits the amount of money that can be transferred in or out of a member account each day, as well as the frequency with which transfers occur.

Mortgage fraud

Unlike wire/ACH fraud, mortgage fraud is often perpetrated by a credit union's own members. Overall, more than 62,000 incidents of mortgage loan fraud occurred between July 2007 and June 2008—a 44% increase for the same period one year prior, according to a recent study by the U.S. Department of the Treasury.

Undetected fraudulent activity can cause devastating losses for credit unions. Even if fraudulent documents are used in the credit union's lending decision, buyers such as Fannie Mae or Freddie Mac can require a credit union to repurchase the loan and absorb the loss.

A robust mortgage loan underwriting process is the most effective way to fight this fraud and reduce losses. Credit unions should:

• Request verification of employment from the borrower's reported employer(s);
• Obtain verification of deposit from the borrower's reported financial institution;
• Request tax history from the IRS using a Form 4506 or 4506-T; and
• Secure current credit scores from a third-party credit reporting agency.

By using these verification techniques, credit unions engaged in residential mortgage lending can significantly reduce their chances of issuing loans based on fraudulent documents and reduce subsequent losses.

Brad Mundine is regional manager, Credit Union Risk Management, for CUNA Mutual Group. Contact him at 800-356-2644, ext. 5100. Reprinted with permission from Credit Union Magazine Online.