WEBVTT

NOTE
This file was generated by Descript 

00:00:00.460 --> 00:00:02.430
Samantha: Hello, this is Samantha Shares.

00:00:02.770 --> 00:00:04.040
This episode covers

00:00:04.735 --> 00:00:09.035
A portion of The O C C's Semiannual
risk perspective Special topic

00:00:09.767 --> 00:00:13.747
Increased external fraud activity
targeting the federal banking system.

00:00:14.411 --> 00:00:17.571
The following is an audio version
of that portion of the report.

00:00:18.101 --> 00:00:21.281
This podcast is educational
and is not legal advice.

00:00:21.741 --> 00:00:25.721
We are sponsored by Credit Union
Exam Solutions Incorporated, whose

00:00:25.721 --> 00:00:28.791
team has over two hundred and
forty years of National Credit

00:00:28.791 --> 00:00:30.661
Union Administration experience.

00:00:31.181 --> 00:00:34.841
We assist our clients with N C
U A so they save time and money.

00:00:35.291 --> 00:00:39.261
If you are worried about a recent,
upcoming or in process N C U A

00:00:39.261 --> 00:00:43.581
examination, reach out to learn how they
can assist at Mark Treichel DOT COM.

00:00:44.031 --> 00:00:48.381
Also check out our other podcast called
With Flying Colors where we provide tips

00:00:48.381 --> 00:00:50.921
on how to achieve success with N C U A.

00:00:51.694 --> 00:00:52.554
And now the letter.

00:00:53.280 --> 00:00:56.630
The special topic focuses on
the increasing trend in external

00:00:56.630 --> 00:01:00.330
fraud activity targeting consumers
and the federal banking system.

00:01:00.900 --> 00:01:04.650
The frequency of both traditional
and novel, more sophisticated fraud

00:01:04.650 --> 00:01:08.150
activities targeting customers
and banks continues to increase.

00:01:08.730 --> 00:01:12.540
Banks should maintain sound fraud risk
management practices through prudent

00:01:12.540 --> 00:01:17.400
controls and appropriate fraud monitoring
capabilities to identify, investigate,

00:01:17.520 --> 00:01:20.020
mitigate, and report fraudulent activity.

00:01:20.540 --> 00:01:24.560
Banks can also support their customers
by providing educational information

00:01:24.560 --> 00:01:28.050
about trending fraud activities
and ways to protect themselves.

00:01:28.788 --> 00:01:32.018
Criminals continue to exploit
traditional payment methods through

00:01:32.018 --> 00:01:34.088
check and wire transfer schemes.

00:01:34.728 --> 00:01:39.458
The Financial Crimes Enforcement
Network (F I N C E N) September 2024

00:01:39.458 --> 00:01:43.858
"Financial Trend Analysis" analyzed
threat patterns and trend information on

00:01:43.858 --> 00:01:48.898
mail theft-related check fraud incidents
over a six-month period in mid-2023.

00:01:49.248 --> 00:01:54.688
The report noted that financial
institutions filed 15,417 B S A reports

00:01:54.688 --> 00:02:00.608
on mail theft-related check fraud, 13,618
(88 percent) of which were filed by banks.

00:02:01.158 --> 00:02:04.978
It described several types of check
fraud such as bad actors altering

00:02:04.978 --> 00:02:09.198
stolen check payees and amounts, using
the stolen check to create counterfeit

00:02:09.198 --> 00:02:13.658
checks, fraudulently signing the check,
and selling the check or its identifying

00:02:13.658 --> 00:02:18.158
information on dark web marketplaces
or encrypted social media platforms.

00:02:18.738 --> 00:02:22.258
Furthermore, the O C C's Customer
Assistance Group observed an

00:02:22.258 --> 00:02:25.738
increase in the number of check
fraud-related complaints submitted

00:02:25.738 --> 00:02:27.588
by consumers over the past year.

00:02:28.294 --> 00:02:32.114
Federal banking system-related wire
transfer complaints that consumers

00:02:32.114 --> 00:02:35.784
submitted to the Customer Assistance
Group reflect an increasing trend.

00:02:36.344 --> 00:02:40.134
For wire transfer schemes, the
fraudster often poses as a trusted

00:02:40.134 --> 00:02:44.924
business, government agency, or even
a bank employee, fabricating scenarios

00:02:44.924 --> 00:02:49.014
that require immediate action and
convincing, with urgency, victims to

00:02:49.014 --> 00:02:50.984
wire money to a fraudster's account.

00:02:51.674 --> 00:02:56.434
In most cases, once the wire transfer is
complete, the funds cannot be retrieved.

00:02:57.177 --> 00:03:00.697
While artificial intelligence (A I)
can enhance fraud risk management

00:03:00.697 --> 00:03:04.807
capabilities, reduce costs, and
improve efficiency, this and other

00:03:04.807 --> 00:03:08.117
new technologies are also being
used to enable increasingly more

00:03:08.117 --> 00:03:10.537
sophisticated and frequent fraud tactics.

00:03:11.127 --> 00:03:14.907
Fraudsters could use A I to implement
sophisticated frauds by digitally

00:03:14.907 --> 00:03:20.157
altering voices, biometric systems, or
images (also known as "deepfakes"), or

00:03:20.157 --> 00:03:24.877
to facilitate social engineering schemes,
identity theft, and impersonation of a

00:03:24.877 --> 00:03:27.097
trusted business or government agency.

00:03:27.457 --> 00:03:31.257
For example, deepfakes through voice
replication have been used to perpetrate

00:03:31.257 --> 00:03:35.717
fraud by tricking voice biometric
systems or by convincing a victim they

00:03:35.717 --> 00:03:39.257
are dealing with someone they know
and trust, such as a family member.

00:03:39.954 --> 00:03:43.934
Increasing product and service
digitization can also heighten fraud risk,

00:03:44.244 --> 00:03:49.054
including fraud targeting peer-to-peer
(P2P) and other fast payment platforms.

00:03:49.594 --> 00:03:54.514
P2P payment platforms can provide enhanced
capabilities and convenience to consumers

00:03:54.514 --> 00:03:56.554
and other users for managing payments.

00:03:57.104 --> 00:04:01.384
However, criminals also have exploited
the faster, more streamlined payment

00:04:01.384 --> 00:04:05.584
capabilities and the irreversible and
irrevocable nature of these payments.

00:04:06.246 --> 00:04:10.146
Effective fraud risk management
includes appropriate internal controls,

00:04:10.366 --> 00:04:14.086
such as authentication, customer
identification and verification

00:04:14.086 --> 00:04:18.266
processes, fraud monitoring, and
open lines of communication between

00:04:18.266 --> 00:04:21.906
bank departments responsible for
researching unusual activities.

00:04:22.516 --> 00:04:25.856
It is critical for banks to
promptly identify, investigate,

00:04:26.006 --> 00:04:29.836
and resolve suspicious activities
and potential fraudulent concerns.

00:04:30.366 --> 00:04:34.616
Banks should also continue to promptly
identify, investigate, report, and

00:04:34.616 --> 00:04:39.456
resolve fraud concerns in accordance with
applicable laws and regulations, including

00:04:39.456 --> 00:04:44.506
the B S A, Expedited Funds Availability
Act (Regulation C C) and Electronic

00:04:44.506 --> 00:04:46.676
Fund Transfer Act (Regulation E).

00:04:47.324 --> 00:04:50.764
Recent increases in the volume of
fraud cases have led to heightened

00:04:50.764 --> 00:04:55.154
unfair or deceptive acts or practices
(U D A P) risk as some banks

00:04:55.154 --> 00:04:58.834
may take prolonged timeframes to
complete investigations or implement

00:04:58.834 --> 00:05:02.634
broad account access limitations,
preventing customers---including

00:05:02.634 --> 00:05:05.814
those who are not victims of
fraud--- from accessing their funds.

00:05:06.284 --> 00:05:09.194
If banks on either side of the
transaction do not complete

00:05:09.194 --> 00:05:13.404
investigations expeditiously, customers
may not have access to funds for

00:05:13.404 --> 00:05:17.434
extended periods of time, which may
create financial hardship for them.

00:05:18.087 --> 00:05:22.177
Banks can continue to support customers
by providing information about scam

00:05:22.177 --> 00:05:25.537
and fraud trends and education of
potential preventative measures.

00:05:26.037 --> 00:05:29.917
For example, to address the prevalence
of text messaging and bank impostor

00:05:29.917 --> 00:05:33.987
scams, it can be beneficial to inform
customers about how the bank will

00:05:33.987 --> 00:05:38.827
contact its customers regarding potential
fraudulent transactions, as well as the

00:05:38.827 --> 00:05:42.777
strengths and limitations of various
authentication methods and how to

00:05:42.777 --> 00:05:45.087
identify potential fraudulent schemes.

00:05:45.407 --> 00:05:49.167
Banks can also develop policies and
procedures regarding what and how to

00:05:49.167 --> 00:05:52.897
communicate with customers when the bank
determines that account access should

00:05:52.897 --> 00:05:57.477
be limited, taking care not to reveal
the existence of any suspicious activity

00:05:57.477 --> 00:06:02.207
report (S A R) filing, and ensuring that
the communication is otherwise consistent

00:06:02.207 --> 00:06:04.567
with safe and sound banking practices.

00:06:05.077 --> 00:06:08.317
Communications can provide
critical information to customers

00:06:08.317 --> 00:06:10.107
seeking to access their funds.

00:06:10.833 --> 00:06:15.083
In addition, staff can be trained to
identify and respond to customers seeking

00:06:15.083 --> 00:06:20.023
to conduct unusual transactions that have
signs of fraud, such as a large withdrawal

00:06:20.023 --> 00:06:24.393
or wire transfer that may be outside of
a customer's usual transaction habits.

00:06:24.873 --> 00:06:28.913
Employee training may also include
identifying red flags for different types

00:06:28.913 --> 00:06:33.173
of financial exploitation, providing
proactive approaches to detecting and

00:06:33.173 --> 00:06:37.653
preventing elder financial exploitation,
and detailing actions for employees

00:06:37.653 --> 00:06:39.283
to take when they have concerns.

00:06:39.713 --> 00:06:44.033
When multiple departments are responsible
for researching unusual account activities

00:06:44.033 --> 00:06:49.203
across functions such as B S A compliance,
fraud prevention, consumer protection,

00:06:49.423 --> 00:06:52.503
and open lines of communication
between the bank's departments are

00:06:52.503 --> 00:06:57.033
important and may result in enhanced
coordination and expedited resolution.

00:06:57.775 --> 00:07:00.205
This concludes the fraud
portion of this report.

00:07:00.944 --> 00:07:05.064
If your Credit union could use assistance
with your exam, reach out to Mark Treichel

00:07:05.064 --> 00:07:07.844
on LinkedIn, or at mark Treichel dot com.

00:07:08.414 --> 00:07:11.004
This is Samantha Shares and
we Thank you for listening.