By Andrew Durant, the head of the Forensic & Litigation Consulting team at FTI Consulting
In times of global crises – whether a financial crash, economic slump or the current pandemic – a spike in fraud against banks and also other businesses typically follows.
After the last financial crisis in 2008, figure published by the UK’s Office for National Statistics (ONS) (https://www.gov.uk/government/statistics/criminal-justice-system-statistics-quarterly-december-2018) identified that those charged with fraud offences increased by 21% in the following two years.
This occurred for a variety of reasons. There is generally an increased opportunity available to fraudsters. Senior management teams of most institutions are rightly focussed on other things, trying to keep their businesses afloat and their staff in jobs for a start.
What they will not be thinking about is the enemy within. And, in my experience, that is where the greatest risk lies. It is human nature to believe that threats arise from unknown individuals outside an organisation. However, it is more likely to be a fellow employee, someone they have known for many years, who knows the internal controls (and the weaknesses in them) and that you trust implicitly.
In “good times” fraudsters, in my experience, are motivated by “greed”. However, in times of crisis, motivation is driven more by “need” (or perceived need) due to the heightened concern over financial security.
This may lead to an increase in various types of frauds that financial institutions will need to consider:
- Employee fraud – for example, bank staff pilfering monies or diverting funds from the designated payee. These may be few and far between as the controls within banks are normally focused on preventing this. However, they usually cause maximum embarrassment to the bank as the police will get involved and a high profile trial will follow. More damaging are those frauds where the employee is able to commit the bank to a large contract in return for a bribe or other return. I investigated a raft of these, particularly in the marketing and IT departments where the latter can spend hundreds of millions on major equipment and software purchases;
- Management fraud – manipulation of results to boost results of the institution, department or individual executive – the motive being to maintain performance related bonuses which usually form a major part of bank employees’ remuneration
- Loan fraud – In the current environment, with billions of pounds of stimulus funds being handed out, banks need to be particularly on guard for crafty fraudsters who will see this as a ripe opportunity to pounce, with reduced chance of being caught as the usual security checks and balances may have temporarily fallen by the wayside. For instance, it was reported in May that a Belfast man was arrested for attempting to obtain a business support loan using a false identity (https://www.belfasttelegraph.co.uk/sunday-life/news/stephen-nolan-and-eamonn-holmes-conman-cartmill-main-suspect-in-multi-million-fraud-probe-39228673.html). However, directors and senior management also need to carefully consider collusion between bank staff and customers. I was involved in an investigation following one the past property crashes where it became apparent that the head of lending (with 20 years’ service) was responsible for several fraudulent loans being approved and disbursed (more on that later)
- Ponzi schemes – in the search for higher returns where interest rates are almost zero, financial institutions may unwittingly be caught up directly or indirectly in Ponzi type schemes. If the returns are too good to be true, they usually are.
In the current “lockdown” with increased home working, especially in the financial services sector (with corresponding less people at work overseeing finance, security and operations) fraudsters will have more opportunity, with less scrutiny, more freedom and fewer questions asked.
All of these factors combined make a global crisis the perfect climate for fraud to germinate and gather pace.
Fraud is likely to hit banks even harder
Fraud was perceived as the number one financial crime in 2019 according to a recent global study of over 2,000 senior executives by FTI Consulting, the Resilience Barometer 2020 with 24% reporting that they had been exposed to it.
If we were to apply this percentage to the 2019 turnover of “Diversified Banks” in the FTSE 350 and based on an average loss on 5% (see 2018 ACFE Global Fraud Survey, Report to the Nations) of annual turnover, this would mean that an enormous £5 billion was lost to fraud in 2019 in that sector alone. Even if the 5% figure was an overstatement and it was closer to 1%, this would still be sizeable and indicative of a serious risk.
Whilst putting a figure on the cost of fraud is notoriously difficult – due to too many unknowns – by the ACFE’s own admission, “many cases are not revealed, the full amount of losses might not be uncovered, quantified or reported” (see 2010 ACFE Global Fraud Survey: Report to the Nations, The Cost of Occupational Fraud)
But one thing we can be certain about is that corporate fraud is costing the financial services sector a huge amount year-on-year, so taking an educated guess at this figure is crucial to demonstrate the scale of the problem.
The FTI Resilience Barometer 2020 survey also identified that fraud would be the number one financial crime in 2020 with 28% of executives believing their companies would be exposed to it (an increase of 16% on 2019). According to the ONS, the rise in fraud charges following the 2008 financial crisis was 15%. Both surveys therefore suggest a higher prevalence of fraud in 2020 and beyond.
So what can financial institutions do to protect themselves from the escalating risk of fraud?
- Prepare for the worst: update, communicate and test your fraud response plan
The actions that are taken in the first few hours and days after a suspected fraud is discovered can dramatically affect the outcome. Although all banks will have a fraud response plan in place, I wonder how many of them are collecting dust, probably also years out of date? Boards need to ensure that senior management in each location or operating division know about the plan (which should be relevant for their location), have tested it (akin to a fire alarm, the plan needs to be tested to ensure everyone knows what to do and when) .
- Make your employees aware of the increased threat (including cyber)
Employees who find themselves working from home or in a location other than the office must be aware of the specific threats they face from fraudsters. Cyber criminals will attempt to exploit the human element when staff are conducting business in a remote working environment. The compliance and risk departments in conjunction with HR should be rolling out updated cybersecurity awareness training, ensuring it is relevant to the current circumstances.
- Encourage whistle-blowers to step forwards
In most, if not all, of the frauds I have investigated, someone somewhere knew what was happening. Banks will already have a whistle-blowing policy in place with multiple channels for concerned employees, customers and others to make their concerns known. However, despite protections in place, whistle-blowers still fear that they will become the victim and either be exposed and/or lose their jobs. And, I don’t blame them. In the cases mentioned above, the immediate reaction of the company tended to be “who is the whistle-blower” or “they must have an axe to grind”, not “we need to investigate these allegations immediately and prevent further loss”. Therefore, boards need to take an active lead in encouraging whistle-blowers to come forward and do all in their power to protect them from retribution.
- Use of temps and contract staff should be monitored carefully
If staff become unwell or need to take time off to care for a relative, it may be tempting to backfill with temporary or contract staff. Banks should ensure that they do not drop their guard and carry out fewer checks than normal. Fraudsters have been known to target financial institutions that have a higher propensity to rely on contract or temp staff.
- Scrutinise loan applications carefully
With less staff available and working from home, it is easier to drop your guard and carry out fewer checks than normal. As mentioned at the outset, I was involved in a large loan fraud investigation where the head of lending eventually ended up in jail for two years. The fraudulent loans for hotel developments would have come to light if the premises had been visited. One site turned out to be a pig farm and the other a quarry. With difficulties in travelling, these types of scams will be even easier to perpetrate.
There were a number of other warning signs as well including numerous conflicts of interest including:
- the wife of the head of lending was employed as a consultant by the “hotel group”;
- the head of lending was involved in the loan origination process as well as the approval process; and
- the professional advisors representing the bank also represented the borrower.
- Do not ignore your sixth sense
If you start to feel uncomfortable about something, there is usually a reason. In many cases, those uncomfortable feelings concern a fellow employee (see above) so they are usually “rationalised” away. If a colleague is suddenly booking expensive holidays or turning up in a new and expensive car, take note.
If that employee then says, “I was lucky on a big bet”, “my grandmother left me something in her will” or “I won the lottery”, the alarm bells should start ringing. I have heard this excuse many times and on each occasion the person was involved in a major fraud. In my experience, fraudsters rarely put their ill-gotten gains in the bank. They will spend it on luxuries so look out for employees living beyond their earnings. That is not to say that all fraudsters will do it for financial greed or need. In the case mentioned above concerning the bank’s IT department, the IT Director was being lavishly entertained. By comparison to the contract he awarded to a sole source supplier (i.e. without going out to tender) the benefit was negligible. However, he was made to feel important. This was his weak spot as he felt he was being under-valued by the Board.
Experience also tells me that there is a heightened threat in businesses that operate across different offices and countries. The further from “head office”, the greater the risk. This is generally due to “out of sight out of mind”. The further away the branch or operations, the less likely is it that senior management, relationship managers, internal auditors and others will visit. Hence, as the lockdown is lifted, the focus should be on distant customers and sites first, and then work closer to head office as time progresses.
Despite taking all the precautions listed above, banks will still suffer from fraud. Once a fraud is discovered, taking the right steps quickly will ensure there is a higher chance of recovery of missing funds or assets and a lower chance that losses will continue.
Do not make emotional or hasty decisions
Fraud involves a breach of trust and, therefore, as an employer you may feel betrayed by what has happened. As a result you may be tempted to take immediate action which may ultimately compound the situation.
Keep an open mind
There may be a logical explanation for the discrepancy that may not be immediately obvious
Discuss this with as few people as possible
As I have mentioned a few times, the biggest risk is the enemy within. Therefore, you may be unwittingly tipping off someone involved in the fraud. That person may actually be an accomplice or an innocent individual who, however, has some allegiance to the fraudster. In one case where I investigated a bank’s Marketing Director, a member of the internal audit department was related through marriage to the fraudster’s son. The fraudster was tipped off but fortunately we had already managed to secure all the evidence from her computer and office. It is therefore vitally important in the early stages of the investigation to keep the “circle of knowledge” very tight.
Plan a course of action
The actions taken in the first hours and days after a suspect comes to light can ultimately affect the successful outcome of any action (see the need for an effective and tested fraud response plan mentioned above).