Media reports in recent months together with survey results, indicate that the risks of fraud and corruption in the Banking and Financial Services industry are on the rise. Allegations of fraud, corruption and insider trading reported in media in recent months combined with actual convictions indicate that these warning signs are spot on.
According to the 2014 Global Fraud Study conducted by the Association of Certified Fraud Examiners, of all respondents survey participants in the Banking and Financial Services sector experienced the greatest number of fraud incidents in 2012/13, being 244 of which 91 were corruption cases. The study also found that the median loss for Banking and Financial Services was US$200,000.
The Australian Banking and Financial Services sector manages and safeguards billions of dollars and failure to identify and manage risks of fraud and corruption can seriously undermine confidence in these institutions. It is also arguably one of the strongest and most respected Banking and Financial Services sectors in the world. However, there is arguably no other sector in the economy that is more vulnerable to financial and reputational loss arising from criminal conduct.
Leaving aside scandals involving financial planners, recent cases of alleged fraud and corruption cover the most basic traditions of mortgage fraud, insider trading and kick-backs. What is particularly challenging is the role played by employees conspiring with third parties, which significantly increases the risk that such scams will go undetected.
Risks of good old fashioned kick-backs have been demonstrated in allegations against employees in senior management positions for receiving kick-backs from suppliers in return for awarding lucrative contracts. What is often difficult to determine is whether the employees solicited the payments in return for awarding a contract to a supplier or alternatively, did the supplier offer a bribe to employees to unduly influence their decision making, either way, such employees can be found to have perpetrated a criminal offence in these situations. The latter option often involves deliberate grooming by suppliers and sometimes over a long period of time, through generous gifts and hospitality. Such corrupt conduct, wherein the employees abuse their position of authority and trust, can cause doubt as to whether or not the employer obtained value for money in the contract awarded, given that genuine testing of the marketplace through usual procurement processes were in fact manipulated. This can result in financial loss where the supplier cannot deliver the services required or provided at higher than market rates and remedial action is subsequently required. It can be difficult to prevent and detect a form of corruption wherein two or more employees collude with a supplier. That is, usual segregation of duties and other internal controls are circumvented, creating the opportunity for bid rigging through manipulation of design requirements and tendering processes. In summary, these issues are often much more complex than they may first appear.
Continued risks of insider trading have also being demonstrated recently in allegations against employees as well as third parties acting in collusion. The principles of the crime are straight forward but can be difficult to detect as they involve the wrongful use of knowledge gained by an employee representing a breach of confidentiality, amongst other things.
Examples of mortgage fraud have also been prevalent in recent months. Mortgage fraud generally involves collusion between a borrower, valuer, and a bank employee to submit and approve fraudulent loans whereby the amount lent significantly exceeds the lending ratio to the true value of the secured property. Additional conspirators sometimes include financial advisors who help prepare the finance applications. In some cases, persons involved are not intentionally complicit but are again groomed over a long period of time through initial legitimate valuations, loans and of course generous gifts and hospitality.
In addition, mortgage fraud can involve organised crime syndicates that deliberately seek out potential vulnerabilities and opportunities through the use of blackmail, threats and extortion to force collusive conduct from otherwise unwilling conspirators.
Mortgage or lending fraud is a specific area of increasing risk for lenders due to the risk that fraudulent loan agreements can result in the lender not been able to enforce its security. This issue has been raised by the case Perpetual Trustees v Xiao in the Supreme Court of Victoria, where a loan agreement contains a forged signature, the lender may not be able to rely on its registered mortgage to realise property.
Increasing risks of fraud and corruption should serve as a wake-up call that even the best run organisations can be deceived and harmed by cunning employees and third parties bent on criminal intent. A question on the minds of many will be – “How this could happen to organisations in the highly regulated Banking and Financial Services sector?”. Reasons for failing to prevent fraud and corruption are numerous, but can generally be narrowed down to two areas.
Firstly, in many cases organisations take actions to manage recognised risks of fraud and corruption and make informed rational decisions to accept a ‘residual risk’. That is, the organisation assesses the likelihood and impact of a fraudulent or corrupt incidents occurring and accepts that they may occur despite the level of internal controls put in place to prevent the incidents happening. This is more often than not based on a commercial decision and the organisations overall risk appetite.
Changes in the sector in recent years which impact on risks of fraud and corruption include off-shoring of functions overseas, which can lead to previously robust internal control structures no longer operating as intended. Pressures to drive down operating costs and increase shareholder returns can lead to risk and compliance budgets not keeping pace with fraudsters’ ability to commit fraud. It is expected that the increasing threat of orchestrated cyber-crime attacks will certainly continue to receive intense focus from prevention and detection controls as well as remedial response plans.Secondly, it is sometimes the case that the organisation had not properly assessed its residual risk of a fraudulent or corrupt incidents occurring, or maybe not even identifying the risk at all.
So what does all this fraud and corruption mean for the Australian Banking and Financial Services sector? Audit and Risk Committees must be vigilant in ensuring executive management has properly assessed their risks so they can make properly informed decisions about the risk appetite of their organisation.
Another question that should be asked by Audit and Risk Committees is why the fraudulent and corrupt conduct is occurring in the first place. In many cases the answer comes down to issues in the culture of the organisation or certain areas of its operations or activities. Poor culture undermines what can otherwise be a best practice fraud and corruption control framework, whereby practices and conduct are allowed and sometimes encouraged to occur in breach of policies, procedures and sometimes regulations.
What should be done? Firstly, organisations must ensure that they have properly identified and assessed the risks that fraud and corruption will occur and harm their organisation and that appropriate policies and procedures are designed and operating to control those risks. Secondly, they must ensure that a culture of compliance with their organisations values, policies and procedures exists across all their operations and activities. Thirdly, that its employees are properly trained to ensure they have an understanding and acknowledgement of those values, policies and procedures and most importantly know how to recognise and report concerns of non-compliance and unethical conduct.
The 2014 Global Fraud Study results combined with recent incidents of fraud and corruption in the Australian Banking and Financial Services sector are a reminder that all sectors in our economy can and will be victims of fraud and corruption. The opportunities will be greater where a culture exists that enables perpetrators to rationalise their conduct. However, great standards of corporate governance and the right culture can still not guarantee that ‘bad apples’ will not exist and cause harm. Only time will tell whether our financial service victims are suffering from cultural issues, just a few bad apples or both.