Reducing Your Credit Union’s Risk of Wire Transfer Fraud
Criminals like to use wire transfers because the money moves fast and is difficult to get back. While you can’t always stop your members from being victims of wire transfer scams, you can help minimize wire transfer risk to your credit union by having the right controls in place. Below are some ways you can help prevent fraud from impacting your organization.
Develop adequate policies and procedures
This may seem like a basic concept; however, many organizations lack the appropriate written procedures. An institution’s procedures should carefully specify how incoming and outgoing wire transfers should be processed, how entries should be posted and balanced, and employees’ responsibilities for implementing these policies.
The procedures should specifically state that wire transfers should not be performed for non-members and should not be processed against uncollected funds.
Ensure proper segregation of duties
All wire transfers must be processed using dual control. Acceptance and authentication of wire transfers should be segregated from the processing and approving of the transaction.
Segregation of duties is not always practical in smaller organizations; however, mitigating controls should be used as necessary to ensure the proper checks and balances are in place.
Set prudent system limits
Use any and all system limitations to help improve controls and consider limiting who can initiate and approve wire transfers. Review the wire transfer set-up to ensure all of the proper system limitations have been implemented. Also, review all of the users to determine that their approval limits are appropriate and the users have a logical need for their capabilities.
Limit acceptable methods of wire transfer requests
Since all wire transfer requests are not made in person, decide which methods you are willing to accept. Methods such as fax, e-mail, telephone, and internet banking requests all carry different risks which should be evaluated before agreeing to accept these types of request. Whichever methods your institution chooses, specific checks and verification procedures should be performed.
Educate your members
Fraudsters are evolving; they are continually developing new ways to attack your members. Make efforts to ensure your members are properly educated. Members should be reminded that the institution would never contact them to provide details of their account. Also educate them on the risks of the other scams that are out there.
Watch for red flags
Coach individuals responsible for accepting and verifying wire transfer requests to be skeptical. Encourage them to question when something seems out of the ordinary. Employees should learn to trust their instincts.
In almost all wire transfer fraud cases, when the individuals are asked about their actions, they recognize that there were red flags. Make sure all employees responsible for approving wires are trained to always perform their due diligence before signing off.
Perform internal audit procedures
Whether this is performed internally or externally, there should be an independent review of the activities related to wire transfers to ensure the controls set up at your organization are being followed.
Wire transfer fraud can be expensive, and is not only limited to the dollar amount of the fraud. Your institution will incur other costs as well — research and investigation costs, legal fees, and a loss of reputation. Risks associated with your wire transfer controls should not be taken lightly. Evaluate your current processes on a continuous basis and implement new controls whenever necessary. The costs of fraud may well exceed the costs to implement the proper controls.