Subscribe
Share
Share
Embed
This podcast provides you the ability to listen to new regulatory guidance issued by the National Credit Union Administration, and occasionally the F D I C, the O C C, the F F I E C, or the C F P B. We will focus on new and material agency guidance, and historically important and still active guidance from past years that NCUA cites in examinations or conversations. This podcast is educational only and is not legal advice. We are sponsored by Credit Union Exam Solutions Incorporated. We also have another podcast called With Flying Colors where we provide tips for achieving success with the N C U A examination process and discuss hot topics that impact your credit union.
Samantha: Hello, this is Samantha Shares.
This episode covers
A portion of The O C C's Semiannual
risk perspective Special topic
Increased external fraud activity
targeting the federal banking system.
The following is an audio version
of that portion of the report.
This podcast is educational
and is not legal advice.
We are sponsored by Credit Union
Exam Solutions Incorporated, whose
team has over two hundred and
forty years of National Credit
Union Administration experience.
We assist our clients with N C
U A so they save time and money.
If you are worried about a recent,
upcoming or in process N C U A
examination, reach out to learn how they
can assist at Mark Treichel DOT COM.
Also check out our other podcast called
With Flying Colors where we provide tips
on how to achieve success with N C U A.
And now the letter.
The special topic focuses on
the increasing trend in external
fraud activity targeting consumers
and the federal banking system.
The frequency of both traditional
and novel, more sophisticated fraud
activities targeting customers
and banks continues to increase.
Banks should maintain sound fraud risk
management practices through prudent
controls and appropriate fraud monitoring
capabilities to identify, investigate,
mitigate, and report fraudulent activity.
Banks can also support their customers
by providing educational information
about trending fraud activities
and ways to protect themselves.
Criminals continue to exploit
traditional payment methods through
check and wire transfer schemes.
The Financial Crimes Enforcement
Network (F I N C E N) September 2024
"Financial Trend Analysis" analyzed
threat patterns and trend information on
mail theft-related check fraud incidents
over a six-month period in mid-2023.
The report noted that financial
institutions filed 15,417 B S A reports
on mail theft-related check fraud, 13,618
(88 percent) of which were filed by banks.
It described several types of check
fraud such as bad actors altering
stolen check payees and amounts, using
the stolen check to create counterfeit
checks, fraudulently signing the check,
and selling the check or its identifying
information on dark web marketplaces
or encrypted social media platforms.
Furthermore, the O C C's Customer
Assistance Group observed an
increase in the number of check
fraud-related complaints submitted
by consumers over the past year.
Federal banking system-related wire
transfer complaints that consumers
submitted to the Customer Assistance
Group reflect an increasing trend.
For wire transfer schemes, the
fraudster often poses as a trusted
business, government agency, or even
a bank employee, fabricating scenarios
that require immediate action and
convincing, with urgency, victims to
wire money to a fraudster's account.
In most cases, once the wire transfer is
complete, the funds cannot be retrieved.
While artificial intelligence (A I)
can enhance fraud risk management
capabilities, reduce costs, and
improve efficiency, this and other
new technologies are also being
used to enable increasingly more
sophisticated and frequent fraud tactics.
Fraudsters could use A I to implement
sophisticated frauds by digitally
altering voices, biometric systems, or
images (also known as "deepfakes"), or
to facilitate social engineering schemes,
identity theft, and impersonation of a
trusted business or government agency.
For example, deepfakes through voice
replication have been used to perpetrate
fraud by tricking voice biometric
systems or by convincing a victim they
are dealing with someone they know
and trust, such as a family member.
Increasing product and service
digitization can also heighten fraud risk,
including fraud targeting peer-to-peer
(P2P) and other fast payment platforms.
P2P payment platforms can provide enhanced
capabilities and convenience to consumers
and other users for managing payments.
However, criminals also have exploited
the faster, more streamlined payment
capabilities and the irreversible and
irrevocable nature of these payments.
Effective fraud risk management
includes appropriate internal controls,
such as authentication, customer
identification and verification
processes, fraud monitoring, and
open lines of communication between
bank departments responsible for
researching unusual activities.
It is critical for banks to
promptly identify, investigate,
and resolve suspicious activities
and potential fraudulent concerns.
Banks should also continue to promptly
identify, investigate, report, and
resolve fraud concerns in accordance with
applicable laws and regulations, including
the B S A, Expedited Funds Availability
Act (Regulation C C) and Electronic
Fund Transfer Act (Regulation E).
Recent increases in the volume of
fraud cases have led to heightened
unfair or deceptive acts or practices
(U D A P) risk as some banks
may take prolonged timeframes to
complete investigations or implement
broad account access limitations,
preventing customers---including
those who are not victims of
fraud--- from accessing their funds.
If banks on either side of the
transaction do not complete
investigations expeditiously, customers
may not have access to funds for
extended periods of time, which may
create financial hardship for them.
Banks can continue to support customers
by providing information about scam
and fraud trends and education of
potential preventative measures.
For example, to address the prevalence
of text messaging and bank impostor
scams, it can be beneficial to inform
customers about how the bank will
contact its customers regarding potential
fraudulent transactions, as well as the
strengths and limitations of various
authentication methods and how to
identify potential fraudulent schemes.
Banks can also develop policies and
procedures regarding what and how to
communicate with customers when the bank
determines that account access should
be limited, taking care not to reveal
the existence of any suspicious activity
report (S A R) filing, and ensuring that
the communication is otherwise consistent
with safe and sound banking practices.
Communications can provide
critical information to customers
seeking to access their funds.
In addition, staff can be trained to
identify and respond to customers seeking
to conduct unusual transactions that have
signs of fraud, such as a large withdrawal
or wire transfer that may be outside of
a customer's usual transaction habits.
Employee training may also include
identifying red flags for different types
of financial exploitation, providing
proactive approaches to detecting and
preventing elder financial exploitation,
and detailing actions for employees
to take when they have concerns.
When multiple departments are responsible
for researching unusual account activities
across functions such as B S A compliance,
fraud prevention, consumer protection,
and open lines of communication
between the bank's departments are
important and may result in enhanced
coordination and expedited resolution.
This concludes the fraud
portion of this report.
If your Credit union could use assistance
with your exam, reach out to Mark Treichel
on LinkedIn, or at mark Treichel dot com.
This is Samantha Shares and
we Thank you for listening.