Insider fraud is an age-old problem for financial institutions, but more-sophisticated technology breeds more-sophisticated fraudsters. The rise of criminals and crime rings that are willing to pay top dollar for consumer information has led to the proliferation of a new type of insider fraud, which, according to the Federal Deposit Insurance Corp. (FDIC), has in recent years made up more than half of all bank fraud and embezzlement cases closed by the FBI.
The typical U.S. organization loses six percent of its annual revenues to fraud, according to the 2004 Report to the Nation from the Association of Certified Fraud Examiners. Applied to the U.S. Gross Domestic Product for 2003, this translates to approximately $660 billion in total losses. The study also found that once an organization has been defrauded it is unlikely to recover its losses, and it concludes that "the most cost-effective way to deal with fraud is to prevent it." The FDIC agrees: "The early detection of fraud is key to limiting risk to an insured institution."
So in August, BITS (Washington, D.C.), a nonprofit consortium of 100 of the largest U.S. financial institutions, released its own insider fraud prevention service, which consists of a list of former financial institution employees who have compromised consumer information and/or knowingly caused financial losses.
Financial institutions that sign on to the service will contribute their own internal fraud records to the database and will be able to run potential employment candidates' names through the database, says Russ Chacon, SVP of business development for Early Warning Service LLC (Scottsdale, Ariz.; formerly Primary Payments Systems), which developed and manages the service. "Most institutions involved are contributing three years worth of historical data," he says.
Although the service is still in its pilot stages, eight of the largest banks have already signed on to the service, and several others are "very close" to signing, says Shirley Inscoe, SVP at Charlotte, N.C.-based Wachovia ($497 billion in assets) and chair of the BITS Fraud Reduction Steering Committee. "I've never seen a new product be embraced by the industry like this. It's phenomenal," she says. "We want our existing employees to understand how serious we are about insider fraud. The service will be a deterrent."
Banks have mainly been reactive in their anti-insider-fraud strategies, but, like Wachovia, "most of the top 25 banks are looking to be proactive today," says Mike Williams, VP of product marketing for Concord, Mass.-based Memento, a new software group that focuses on monitoring, detection and investigation of internal fraud in banking.
Memento works with banks to uncover new and changing patterns of internal fraud that may be occurring inside the institution. "We make it easy to create fraud scenarios," Williams says. "The issue with fraud is that schemes are always evolving. You want to be able to modify the scenarios based on the results that you receive." The company installs a software application inside the bank that pulls data in from all of the relevant transaction systems. The program's end user -- on the business, not IT, side of the bank -- is responsible for creating these scenarios. And to ensure high-quality leads, "Our system makes it easy for banks to minimize false positives," he says. *