The Risk of Employee Theft and Crime in Financial Institutions

February 11, 2020

Financial institutions around the world face significant risks in their operations – both externally and from within. Employee theft and crime, including fraudulent activities, are believed to be the largest risks banks and other financial services firms face. Despite numerous safeguards, financial institutions are vulnerable to criminal activity of employees, who often have access to customer accounts as well as transaction and personal data that can be used for illicit means.

The Threat from Within: Employee Crimes in Banking and Finance

In 2018, the Association of Certified Fraud Examiners (ACFE) published Report to the Nations: 2018 Global Study on Occupational Fraud and Abuse. This study covered employee fraud across 24 industries, but the financial services sector was especially hard-hit by fraud committed by those working within organizations. Employees committing theft or fraud in banking ranged from bank tellers to executives and board officers.

The average loss to financial institutions was about $110,000 per employee fraud case in a period from January 2016 to October 2017; a total of 366 cases was tallied in this period by the ACFE. Millions or even billions of dollars in losses are at stake. Common crimes committed by employees in the financial services field include:

• Skimming funds from inactive accounts.
• Monitoring activity of customer accounts, then skimming funds from those perceived as unmonitored (typically those owned by elderly customers).
• Creating fraudulent accounts using stolen personal information from customers, then using these accounts as repositories for skimming operations.
• Artificially inflating or adjusting sales figures to collect sales rewards.
• Reversing the fees from non-sufficient funds charges, then redirecting those refunds to personally created fraudulent accounts for access by the employee.
• Selling personally-identifying information, including bank account, Social Security, and credit card numbers to criminals for profit.
• Counterfeiting documents for the purposes of creating or accessing accounts.

Employee theft and crime does not only result in financial losses. The reputational damage to financial institutions can be staggering, resulting in loss of business continuity and potentially billions of dollars in regulatory penalties and lost sales, not to mention a severe loss of confidence among customers.

Controlling Employee-Related Crime in Financial Institutions

Faced with threats from employee criminal activity, financial institutions have turned to technology solutions to combat fraud. Employee monitoring can take several forms in banking institutions, including surveillance cameras as well as automated fraud monitoring programs. Automated transaction and account monitoring typically looks for activities such as:

• Unusual account access, particularly those accounts that have been dormant for months or years as well as access outside of normal business hours or from locations outside the institution.
• Unusual account activity, including frequent transfers of funds away from accounts or transactions occurring at strange times of the day or night.
• Ledger transfers to employees’ personal accounts.
• Any transfers from customer accounts to employee personal accounts.
• Excessive cash deposits or transactions occurring in employees’ personal accounts.
• Automated account monitoring systems are very sophisticated, and can identify many fraudulent activities. They are not foolproof, however, and financial institutions need to take additional precautions to thwart criminal activity.

Know Your Employee Programs: Stopping Criminal Activity in Financial Institutions

In recent years, financial institutions the world over have implemented so-called “Know Your Employee” (KYE) programs to combat fraudulent activity. The goal of these programs is to identify certain risk factors centered on employees, including:

• Employee working backgrounds
• Susceptibility to embezzlement or money laundering schemes
• Conflicts of interest
• Credit and financial histories, including significant debt or personal business losses
• Criminal histories

It can be argued that the best way to prevent employee theft is to carefully evaluate employees before they are hired. In the financial services field, extensive criminal and financial background checks are an integral part of the risk management process. U.S. Risk Underwriters and many other insurance industry experts agree that by weeding out employment candidates with criminal histories, fraud can be reduced.

KYE programs are not only for prospective employees, however. Smart financial institutions will also use these programs to continually evaluate and monitor current employees, including those in leadership and management roles. These practices go hand in hand with automated account monitoring, and together can reduce the financial and reputational impacts financial institutions face as a result of employee-related crime. ◼