72% of Banks Say Their Employees Committed Fraud

yahoi writes "The financial crisis appears to be exacerbating fraud by bank employees: a new survey found that 72 percent of financial institutions say that in the last 12 months they have experienced a case of data theft by one of their workers. Meanwhile, most banks don't want to talk about the insider threat problem and remain in denial, says a former Wachovia Bank executive who handled insider fraud incidents at the bank and has co-authored a new book called Insidious — How Trusted Employees Steal Millions and Why It's So Hard for Banks to Stop Them that investigates several real-world insider fraud cases at banks." The article dispels one assumption that might commonly be made about such insider fraud: "Interestingly, it's not the stereotypical offshore or outsourced employee who's most risky to their organizations. Nearly 70 percent of financial institutions say their full-time employees are most likely to pose an insider fraud threat..." Technology workers placed third in the roster of the job categories most abused.

Seems low

Is that not counting executives?

Re:Seems low

[fuzzyfuzzyfungus]

I'm pretty sure that it only the intersection of "actions which are illegal" and "actions which harm the bank's interests" counts as fraud for their purposes...

Re:Seems low

[Philip+K+Dickhead]

Fractional reserve banking IS fraud!

Re:Seems low

[FooAtWFU]

Also, there is an alternative to fractional-reserve banking! It's called a "mattress". Fat lot of good it's going to do you (or anyone else, for that matter).

For the rest of us, we have FDIC insurance and that's really about as good as it gets in this day and age, unless you trust the commodity markets (and while they're a useful hedge, the "rah rah rah, gold is king" attitude is over the top and probably going to come back and bite a few people. Although it's not so much crazy as the people who suggest an "oil standard". Right, tie your currency to the whims of OPEC and Venezuela, and let me know how that works out for you...)

Re:Seems low

[UnknownSoldier]

> FDIC insurance

Riiiight. When the government is bankrupt, it _can't_ payout. Least in the old days you had _some_ assets to cover your debts, and one just couldn't "print" more pseudo-assets. Regardless, the problem is borrowing more then you can cover.

Re:Seems low

[roguetrick]

If shit gets that bad, I hope you're investing in bacon and not gold.

Re:Seems low

[mwvdlee]

28% of banks are lying.
The other 72% are probably lying about the extent.

Re:Seems low

[nmb3000]

Riiiight. When the government is bankrupt, it _can't_ payout.

If you really believe that the government will falter to such a degree that it will not be able to honor its FDIC obligations, I suggest you remove your funds from your bank, and put them into food storage, ammunition and firearms, and other dystopian future necessities.

Least in the old days you had _some_ assets to cover your debts, and one just couldn't "print" more pseudo-assets.

If you're talking about the dollar being backed by the gold standard, this is just as big of an illusion of security as current paper currency is. The only reason gold was ever considered valuable in the "old days" was due to its scarcity, and relying on an object's absolute physical availability to determine it's value is flawed in an economy of our size. If we tried to back the GDP of countries like the US, Canada, Russia, Europe, etc., with gold we'd have run out of the metal a long time ago.

The funny thing is that gold has only recently become really valuable as a commodity with the advent of integrated circuits and other electronic components that make use of it. If society really does degenerate to the point some people think it will all the gold in the world won't help you. People will need and want to trade for required things like ammunition, canned food, fuels, etc. After that comes the vices such as cigarettes, alcohol, and toilet paper. Gold is going to be waaay down the list.

If you're really worried about money for the post-apocalyptic society of tomorrow, I'd suggest you start collecting bottle caps.

Re:Seems low

[OrangeCatholic]

Actually, it is. When you sell a house to someone with no money, that's fraud. Especially when you know you're doing it.

Also something called "naked short-selling", which involves selling non-existent stock. It happens millions of times per day, everyone does it, and nobody complains. Bear and Lehman stock was counterfeited so rapidly, the stock plummeted to zero within days.

It's the thug life, right? No fraud in the hood. Drugs, guns, murder - that's just recklessness and stupidity.

Re:Seems low

[Vaphell]

If you really believe that the government will falter to such a degree that it will not be able to honor its FDIC obligations, I suggest you remove your funds from your bank,

if only they were redeemable in gold and silver as once US constitution stated...

If i am not mistaken recently FDIC announced that it has nowhere near the amount of money needed to meet its obligations, bacause situation in the bank sector is in much worse shape than they predicted - we are talking about tens or even hundreds of billions. What it means? More and more T-bills - so people will pay through the nose (taxes) for the illusory safety of their wealth or will be robbed of their purchasing power (money printing)

And if you want to see how the total decay of monetary system looks, just read about Zimbabwe with its few million percent inflation or look for some clips on youtube. People in Zimbabwe pay for their daily bread at the village market with gold and don't accept anything else as a payment for their merchandise.

Gold was, is and will universally recognized as something valuable in majority of cultures. Even world of Fallout wouldn't change it because there would be continuity of humanity and there would be no reason for gold to suddenly lose its cultural meaning - gold value is deeply entrenched in people's minds. That's more that what we can say about paper currency.

Re:Seems low

[1s44c]

Oh, please. The collapse of the banking sector's not fraud. Recklessness, certainly, but don't attribute too much to malice when there's plenty of stupidity to go around. :P

Fraud doesn't imply malice, it implies greed.

All fractional reserve banking is fraud.

Re:Seems low

[Chrisq]

If shit gets that bad, I hope you're investing in bacon and not gold.

I'm Jewish you insensitive clod.

Re:Seems low

[Chrisq]

Or went red in the face and said "no I'm sure that absolutely nobody here would ever commit fraud", as they try to cover up their vintage Rolex with the sleeve of their hand-made Savile Row suite.

Re:Seems low

[corbettw]

If you have to stockpile, choose guns, ammo, canned goods, medicine, and a water filtration system, in that order. Because with enough of the first two you can always find a way to convince your neighbor to help with the rest.

Re:Seems low

[Red+Flayer]

If i am not mistaken recently FDIC announced that it has nowhere near the amount of money needed to meet its obligations, bacause situation in the bank sector is in much worse shape than they predicted - we are talking about tens or even hundreds of billions. What it means? More and more T-bills - so people will pay through the nose (taxes) for the illusory safety of their wealth or will be robbed of their purchasing power (money printing)

No. The FDIC fund is not funded by the government at large. It is funded by the member banks. While it is possible that a loan will need to be made by the government, as of right now there are no plans to do so. Instead, the FDIC fund is stepping up efforts to collect premiums due from member banks, and looking at assessing a special premium to cover a potential projected shortfall.

And if you want to see how the total decay of monetary system looks, just read about Zimbabwe with its few million percent inflation or look for some clips on youtube. People in Zimbabwe pay for their daily bread at the village market with gold and don't accept anything else as a payment for their merchandise.

And that relates to the US situation in what way?

Denial?

[blueg3]

If 72% of financial institutions say they've experienced data theft, how do "most banks" remain in denial? It sounds like "most banks" just admitted it.

Also, I'm not sure data theft is the same as fraud.

Suprise! NOT!

[Herkum01]

Is this really a case of it being unexpected? Banks, which handle lots of money and are generally unwilling to pay for honest talented staff see mishandled cash? What a surprise!

Next article, "Investment Bankers are overpaid for the returns they generate on their transactions!"

The Cold War had it right

[plover]

"Trust, but verify."

These people are in positions where they have to have access to the information to do their jobs. Locking them down so they can't get to the data without a partner would double labor costs (much more expensive than the 1-4% quoted in TFA.)

So the best answer is: give them the access they need, tell them you're logging it all, log it all, and *analyze the freakin' reports!* There are so many reports out there in most businesses that just get ignored. But we're talking about the early warning signs of theft, and they can't be ignored without consequences.

So 28% of banks lie on surveys.

[xC0000005]

The odds of a bank (even a small bank) having no such problems is next to none. The only bank I can think of which has absolutely no employee corruption is the one in the mall. It's been closed for a few years, during which their track record is flawless. Their customer service times aren't actually much worse either.

Seriously, if there are humans in involved and money involved, corruption ain't far behind.

common knowledge

[girlintraining]

The article dispels one assumption that might commonly be made about such insider fraud...

Am I the only one that is concerned that our financial institutions are assuming things relating to their security policies? Because it's common knowledge in our industry that most security threats come from inside, not outside, the organization.

Fraud by bank employees is nothing new

[erroneus]

I recall a bank hitting my brother's account with a long list of overdraft fees when he never bounced a single check. Turns out that one month he was trying a new budget strategy where he wrote all of the checks for that month's expenses and dated them for that day. At that time, he didn't have the money in his account to cover those checks. But he never sent them out until after he and his wife had deposited money to cover those checks. The checks were presented to the bank at a time when the money was actually in the bank. They paid all of those checks and then charged him $20 for each one that was dated as described. He never bounced a check. The checks were never presented to the bank when there weren't sufficient funds in the account. How did they justify that action? Who knows...

And even now, banks are playing games with other fees and charges. Who writes checks any more anyway? Your bank may already be doing this... How many transactions per month are you allowed to have before they start charging transaction fees?

Re:Fraud by bank employees is nothing new

[tunapez]

I was trying to determine all the fees involved in Chase Bank's "FREE" checking a couple weeks ago. I asked what the minimum balance and specific performance were required to get that "FREE" checking? The yanker said no minimum and I did not have to do anything. Half way through the process the yanker mentioned if I did not use my debit cards some 10(?) times in a month there would be a $6 fee. I asked him if he knew what specific performance meant and do you lie and tell half-truths to your friends and family too? He laughed like it was a funny joke. I walked to the credit union, where I should have started.

Wells Fargo last year hit my checking account w/ 2 x $35 charges for $6 and $11 transactions, unknown to me my DD was 3 days late while on the road and I was not paying some monthly charge to auto-transfer or over-draft protection. I asked to set my account to deny ANY transactions when funds were not available so I would be aware of and remedy the situation. They told me the account didn't work like that but I could pay for those services and they would credit me one of the charges. I grabbed a withdrawl slip and wrote it to the balance of my savings, $9k and change. Shortly the manager offered to drop both charges. I told him no thanks, choke on your $70. ***Until the CU, I continued to use the checking, for cashing checks. If they need to hold overnight I pick the cash up in the a.m. and never carry more than a $5 balance.

F the banks, bunch of crooks and liars.

Re:Fraud by bank employees is nothing new

[Zebedeu]

Shortly the manager offered to drop both charges. I told him no thanks, choke on your $70.

I would've let them drop the charges, and then close my account anyway.

That's the real cost of disloyal companys.

All these companys want you to be totally loyal to the company. The job comes before your life, friends, and everything else. They demand loyality above everything.

And yet... are most companys loyal to the employee? Fuck no! You're 100% replaceable. We don't really need YOU. Get back to work or you're fired. Sick? Come to work anyway! You did such a great job on that project. have some perks! more money? no. you wont get more money.. but look! pizza on fridays! wooo!

Nobody should be suprised that many employees have a crap attitude about their jobs. And will steal any chance they get.

You want real loyality from employees? PAY US MORE. We don't work here for our health or because we like it or for the perks or the lovely 'family oriented' way you do business. We work here because you pay us.

And now with the economy fuckup. The first things to go are perks and pay raises. Yet you still want the same loyality from the employees.

Good luck with that. We're gonna steal anything not bolted down. Get all we can before the company gets rid of us.

Re:That's the real cost of disloyal companys.

OK, I'll play devil's advocate.

And yet... are most companys loyal to the employee? Fuck no! You're 100% replaceable. We don't really need YOU. Get back to work or you're fired.

You do realize that it costs somewhere in the neighborhood of 50% of a year's salary to replace an employee (post job ad, maybe pay headhunter, spend time reading resumes and conducting interviews, and pay relocation expenses for an employee that won't be productive for several months while getting trained and learning how the company operates), right? So, even from the point of view of pure greed, it's not a good idea to fire someone unless (1) they are a total fuck-up, (2) the company just doesn't have money to pay them, or (3) their job just doesn't need to be done anymore and there is no appropriate position to move them into.

Sick? Come to work anyway!

If you are truly sick, especially with something contagious, nobody in their right mind wants you to come to work because that makes things worse with everyone else getting sick. Now, how many times have you called in sick when you weren't?

You did such a great job on that project. have some perks! more money? no.

I agree. Compensation in anything but cash should be illegal. No more healthcare, dental, life insurance, or other bullshit. Give people cash, making their total compensation completely transparent, and let them spend it as they wish. Lobby your congressperson.

Nobody should be suprised that many employees have a crap attitude about their jobs. And will steal any chance they get.

Nobody should be surprised that many employers have a crap attitude toward employees who steal and otherwise jerk off at work. It's that chicken and egg problem.

And now with the economy fuckup. The first things to go are perks and pay raises. Yet you still want the same loyality from the employees.

If the company isn't bringing in as much money as it used to, due to the economy, what do you expect them to pay for the perks and pay raises with? Do you think they can just waive a magic wand and make money fall from the sky? You do realize that if the company goes bankrupt you lose your job, not just your raise and your perks, right?

We're gonna steal anything not bolted down. Get all we can before the company gets rid of us.

Causing the company to lose money even faster, and forcing them to get rid of you even faster.

I Could Be a Fraudster

I'm a contract employee at one of the top ten banks in the nation, employed in website development. Within the first week I was given the keys to the kingdom in spite of the bank never even performing a rudimentary background check. Also in the first week, I discovered that it would be absolutely trivial for me to steal the credentials of every single user of the site and completely cover my tracks. It has now been MONTHS since I brought it to the attention of the people who I answer to and there is still not even a proposed solution to the problem. Scarier still is that any one of 75-80 people could do this and it does not even require collusion. This to me shows the "high regard" that banks have for your money.

Re:I Could Be a Fraudster

[L4t3r4lu5]

Great. So, IT are proven incompetent for having such a gaping hole, and they're restructured. That means this guy loses his job (if he manages to keep hold of it) at least. At worst, his name is published and every single financial institution, Fortune 500 business, and recruitment company on the globe put a little black mark next to his name. Whistleblowing is great for everyone but the person doing it.

And please, don't tell me about all of the protections these folks get; Glass ceilings, awkward interview processes, and HR spin can cripple any application they want.

The other 28% must be small banks or...

[istartedi]

The other 28% must be small banks, or in denial. If just 1 percent of the population is criminal, you have to anticipate 1 criminal for every 100 people you hire. IANA statistician, but even if you have well under 100 employees, the odds are still pretty good. I think it would be like the birthday problem, where the odds of somebody in a relatively small class having the same birthday as you are surprisingly high.

Of course, I'm not sure what percent of the general population would commit bank fraud if they had the opportunity. That doesn't matter of course. People who are likely to commit bank fraud will, of course, seek out jobs at the bank. As the famous bank robber said, "that's where the money is".

Re:The other 28% must be small banks or...

[Mr2001]

Well, I said IANA statistician. Can you show your work? It does make sense that some banks would be able to hire 100 employees under those circumstances and not bump into a criminal; but the exact equation isn't something with which I'm familiar.

If each employee has a 1% probability of being a criminal, the probability of each employee not being a criminal is 99%. If you pick two random employees, 99% of the time the first one will not be a criminal, and 99% of those times the second one won't be either: the probability is 99% * 99%, or 99% to the second power.

Thus, the probability of 100 employees not being criminals is 99% to the 100th power (0.99 ^ 100 = approximately 0.366 or 36.6%).

Banks apparently have few with tech. knowledge.

[Futurepower(R)]

They're in denial because they are not aware of the full seriousness of the issue.

I discovered something that amazed me. I was trying to resolve a client's quite simple software issue. I worked with managers of two large banks (tens or hundreds of thousands of commercial accounts). I discovered that one of the banks had no technically-knowledgeable employees, except for computer maintenance staff. They used contractors for everything else. The contractors with whom I talked had little technical knowledge.

The other bank had either no one who was technically-knowledgeable or just a few people.

They don't have just have problems with fraud, they have problems in every area where technical knowledge is needed. They cannot resolve modern problems because they have little or no knowledge of them, and they don't want to learn. Technically knowledgeable people are apparently seen as an annoying necessity.

With employees of a third large bank, at which I have personal and business accounts, I found that I could get a laugh by saying I saw their web site and thought that high school students should not write web sites for banks. Later the web site was improved.

Re:Banks apparently have few with tech. knowledge.

[Tablizer]

Well, a decent techie probably costs them about 150 grand a year if you include related overhead. Thus, they figure the yearly "loss" by *not* having such an employee is less than 150 grand a year. It may not actually be true, but they have no way of knowing.

A lot of times a company ends up with a stupid or shifty IT employee that causes more problems than their worth. If the bank is technically ignorant, then they don't have a good way to filter. Techies raise almost as much ire as auto-mechanics. Both may charge 10 grand to "fix" the Flux Capacitor.

     

Re:Banks apparently have few with tech. knowledge.

[OrangeCatholic]

True. There is a disconnect. Techies don't have the personality to actively brand themselves, and clients don't have the technical skills to appreciate good help.

That's why the most successful techies have good personalities and only a moderate amount of skill.

Example, the last time I had the cable guy over the house, he had never seen Tivo and had no idea that high-def recording or live streaming existed. He didn't know that Windows XP 32 and 64-bit were different (his software failed on my platform), and it was futile to explain the difference. He had never seen a 40" TV used as a computer monitor, either.

But I'm sure he's supporting a family of four. He's mature, been doing it for a while and probably has a great resume.

Now, if you want to go into business as a cable tech, how do you differentiate yourself from this guy, who knows absolutely nothing, and has a better reputation than you do?

Stapler

[Wolvenhaven]

Has anyone seen my red stapler?

Why the Employee Fear / shame and/or Envy?

[turtleshadow]

It seems the motive is typically to get a "loan" by a lower level employee which will be paid back at some point. It would seem that the employees are in fear to actually ask their own bosses to aid them in a situation of financial strife.

Isn't that what banks are about? Making loans?

It seems that inside the banks their is a pervasive culture of fear/shame/envy by staff of the owners. The fact that management seems to be unable to get inside this situation is indicated of a manager/employee relationship meltdown.

If I owned a bakery and my employees were stealing bread to feed their families cause I pay them nothing -- that in most peoples mind is a hint about how my relationship as owner to my employees is going.

If they are stealing bread but are not starving but in fact well off thats something else - envy and greed.

In any case a Bank which gets public assistance like in "too big to fail" or some other way should begin to be held publicly accountable for internal losses -- tangible assets and data privacy breaches. Till today no one is really reporting this number out of fear in losing the public trust. When the bank fails of course the horse it out the barn doors already.

Personal Experience

[Tablizer]

I've seen this happen to a co-worker. She was generally quite out-going and talkative. But she started being quieter over time. One day it was announced that she no longer worked at the company, and through the rumor mill I found out that she had embezzled about 5 grand (mid 90's dollars) with the help of her boyfriend. She discovered by accident that some vendors would double-pay an invoice if a second copy was sent by mistake. Thus, she decided to send fake invoices to vendors with a history of double-paying, but with her boyfriend's bank account as the bill-to address of the 2nd copy. Eventually somebody noticed the bogus addresses.

The problem is that they didn't file formal charges because they wanted to protect the reputation of the company. They did confiscate all her future benefits, though; so it was probably a net loss to her.

However, by not prosecuting they set themselves up for a second attack. For another employee of the same accounting department made off with about 25 grand a few years later. I'm sure the second guy factored in the non-prosecution of the first attempt.

I'm not sure how to solve it, other than perhaps making prosecution mandatory. But I doubt companies want that kind of legal complexity for gray areas or where the evidence is weak.

Maybe some kind of "secret victim list" in prosecution, but that goes against the concept of jury-by-peers. The chance of one out of 14 jurors (with 2 alternates) spilling the beans is fairly high. And there's other issues with public disclosure laws.
   

Not surprising

I have applied to many banks to work as a teller; its a nice, cushy job that pays ok and is respectable. I have never been offered a job. I found out through some friends that banks will not hire anyone with bad credit; I kind of wondered why, as, if an employee tried to steal anything, they have a fuck-ton of cameras and security systems in place at any bank. I happen to have bad credit, so they assume that might try to screw them or something. It kind of sucks, but seeing this story, it makes a lot more sense.

Apple doesn't fall far from the tree.

[Civil_Disobedient]

I guess it's only fraud when the bank is the one getting ripped off.

When they're handed hundreds of billions of dollars of taxpayer money to shore up bad debt and open up the faucet of commerce, but then instead decide to stop lending and hoard the cash... that's... something else? Right?

Jeez, whole title should be:

[Tanman]

72% of banks say employees have committed fraud. Other 28% are lying or naive.

I have NEVER seen...

[ibsteve2u]

an argument that started with the word interestingly:

"Interestingly, it's not the stereotypical offshore or outsourced employee who's most risky to their organizations.

that was not somebody attempting either a subterfuge or the implantation of a subliminal suggestion.

You see, it may very well be true that "offshore" employees in banking have less culpability, thus far...which - entirely coincidentally, I'm sure - corresponds directly to the amount of penetration into banking that offshoring has - thus far.

Interestingly, don't you think that such statistics provide a a nifty argument for offshoring banking?

Who gathered and "analyzed" this "data", again?

The unspoken blacklisting of former employees

[turtleshadow]

I once overheard Bankers speaking and they do blacklist persons if they hurt the institution enough.

Though no charges were filed often the reference is veiled: "let go due to irregularities in performing the job" which is a whopping hint to the next employer they were doing low level fraud or in the more sinister case it was a recommendation for a let go employee -- to a competitor.

Bankers I have talked to ...

[Alain+Williams]

Some years ago I did some work at a bank in Luxembourg for a few days. One machine there was a ST400 - a SWIFT machine that could be used to ''wire'' money anywhere in the world. You send a message to this box (over a TCP/IP connection) and it would send money anywhere in the world. There was no protection on this, no login/... to control access. Everyone had a laptop (with working floppy) and could connect to the ST400. There were SWIFT books around the place describing the message format, many of those were familiar with the format.

In a bar one evening I pointed out ''how simple it would be to send a few million to a bank in Rio''. I was told ''Who wants to live in Rio?''. They were not interested in trying to fix it.

About that time I did some work at a bank in London. Every morning the director of securities arrived in the IT department with a list of errors from the overnight run (all audit trailed, etc). He got a programmer to fix them which he did by running up an SQL interpreter. There was no oversight, the director walked away before this was completed, there was nothing to stop the programmer from doing it whenever he wanted. The programmer was employed through an agency, not a bank employee.

I met someone at a social function, asked him what he did: ''I am a banker, I get to rob people legally'' -- at least he was honest!

I could go on. This sort of stuff is endemic.

Bank Armed Robbery vs. Electronic robbery

[cenc]

I had a friend years ago that was a detective on the Las Vegas Robbery squad. He told me that the average armed robber gets away with something like $5,000. The average electronic bank robbery gets away with over $500,000. He also told me that they almost never ever catch anyone committing a robbery by computer, but they get most of the people sooner or later that commit armed robbery. He was talking about both inside jobs (mostly involve some sort of computer) and outside computer attack type robberies here to clarify.

He said it was not so much tracking down a suspect, but that the nature of the electronic / insider robbery often lacked the traditional physical evidence that would really lead to a conviction. The banks and businesses don't really want to cooperate for PR / insurance / liability reasons. The nature of the evidence is not very compelling to a jury. Often it is difficult to properly get warrants across multiple jurisdictions in a timely manner and in such a way that the evidence can be used in court. Most importantly it just all around cost more money to investigate and prosecute, as it requires very expensive and specialized skills that most police departments (including the FBI) really do not have the resources to do properly. There is not a lot of political motive at the top of law enforcement and everyone else to do unless it is a really high profile robbery type thing that they have to do.

All fractional reserve banking is fraud

[1s44c]

This headline is missing the point that all banks commit theft, that's what keeps them in business and pays for their excessive bonuses.

Anyone that thinks otherwise doesn't understand fractional reserve banking.

Until we have money that is based on some real commodity money has no inherent value, it's just a points system ungrounded in reality.