The damage that a fraud investigation can wreak on a bank is already well documented, but what measures can banks take to protect themselves against such incidents and minimise the repercussions if a fraudster does slip through the net? 

Fraud can cost a bank a fortune in financial losses, at the very least, and cause it to collapse if the worst happens. Even small frauds hurt a bank's reputation for competence.

Fraud can hurt anyone. There is no guarantee that the best systems will work when a bank has a malicious fraudster on the staff or on the board. The only real answer is to take realistic precautions, be watchful and keep staff motivated in the right direction. Here are some basic dos and don’ts for the board that seeks to make a profit and play fairly.

Dos

1. Do… think about fraud risk. That is the starting pointing for setting up a system. Banks prefer to think about profits, but the prudent boss worries about losses. One source of real pain comes when a fraud is discovered and a bank has to find out who has done it and how much has been lost.

2. Do… implement anti-fraud systems that make sense in business terms. So prioritise business assets and processes that are intrinsically most valuable and that you cannot afford to lose. Financial institutions will want to assess the value of their intellectual property, their treasury software and unique algorithms they have created. Who is going to trust the system that finds the low-level fraud at great expense but misses the big fraud.

3. Do… create a culture of honesty from the top of the firm and instil a sense of group ‘best behaviour’. The firm is an organic whole, where each part impacts on another. Individual bad behaviour hurts colleagues at the least and sometimes the firm as a whole is damaged.

4. Do… stress ethics and values in objective setting and performance appraisals. These must conform with the bank's human resources approach.

5. Do… include incentives for honest behaviour as well as sticks for dishonest behaviour in creating an ethical corporate culture. Bonuses for good behaviour are a language traders understand more than penalties for bad.

6. Do… make use of systems that relate to the UK Bribery Act, Foreign Account Tax Compliance Act, Solvency Two, Foreign and Corrupt Practices Act and Banking Secrecy Act, to act as an alert to internal abuses such as fraud. Barings gave Nick Leeson a dangerous amount of leeway to report his trading results as his trading results were carrying the firm. UBS lacked systems to check the fraudulent behaviour of Kweku Adoboli, the head of global synthetic equities trading, while he was making the firm money.

7. Do… keep administrative controls up to speed. These include basic things such as multiple sign-offs on payments above fixed values, the use of committees of outside directors to scrutinise board decisions, rotation of jobs to prevent or expose improper relationships, and segregation of duties using information screening barriers to prevent controls being subverted.

8. Do… watch the cross-over between the trading desk and the back office, so complete segregation of duties is enforced and breaches notified to compliance.

9. Do… vet and screen employees depending on the risk. Monitoring, accountability and reviewing both in recruitment and in daily working are integral parts of any quality management system. Employees who stay late at night in the office or never take holidays may have a scheme under way that needs their constant attention. They need certainty to protect their backs. One fraudster got undone when someone opened a bogus letter addressed to the fraudster when he was on holiday. That sort of behaviour has a downside, for example, he may become so insecure that an honest employee starts to ask if something is wrong.

10. Do… keep eyes open for people who behave out of character, perhaps appearing insecure or unusually arrogant. Watch out for the member of staff who rolls up to the office in an unusually expensive car or has a very pricey holiday. It may be that he has won the lottery or got an inheritance, but…

11. Do… trust your intuition in fighting fraud. Kenneth Whatmore, an executive at Plenitude Consulting, and former head of fraud and financial crime at Lloyds Banking Group, says: "You need to use the sixth sense. Expensive systems in institutions do a good job but the best systems are flesh and blood." Mark Tantam, head of Deloitte’s anti-fraud consultancy, says: "The fraudster might persuade himself he is above the organisation, or he might feel secretly slightly insecure about it. Then he will behave strangely."

12. Do… encourage all your employees to watch for fraud. That should not be hard (unless they are in on the fraud, of course). The thought that a colleague could be doing something underhand, dishonest or criminal shocks people and they do not want to live and work with that kind of environment. They want to do something about it, and they generally do.  

13. Do… monitor employees gauged to be at risk of abusing the trust placed in them. Fraud risk very closely mirrors the processes and operations of the business. The anti-fraud procedures must do the same. So the employee in the secure computing operation or the treasury needs more monitoring than the guy in the marketing department or sales.

14. Do… examine insurance policies for fraud risks. In the worst case, that is a scant comfort for the worried executive.

Don'ts

1. Do not… underestimate the capacity for fraud of senior and longstanding executives. Remember, the more senior the executive, the greater his remit and capacity to override controls. The biggest fraudsters are the Robert Maxwells, Peter Clowes, Bernie Madoffs, who run the show and can commit a great deal of fraud before anyone dares to question them.

2. Do not… underestimate the capacity of low-key or junior staff members to wreak havoc. Joyti De-Laurey, the personal assistant to a Goldman Sachs partner, was able to steal £4.3m ($7.18m) before the three partners for whom she worked spotted any sign that money was missing.

3. Do not… think only about the optimistic stuff such as hiring people and making profits, also think about your company’s capacity to lose money through fraud and other forms of abuse and miscalculation.

4. Do not… underestimate the capacity of highly intelligent and aggressive traders or executives to cheat the system. If their backs are to the wall or they have an expensive divorce, they will find excuses to bend rules.

5. Do not… send out mixed messages. The firm that preaches an ethical and responsible culture, but offers incentives for short-term trading, lacks credibility.

6. Do not… over-egg the incentives that staff will be tempted to deliver by cutting corners.

7. Do not… make controls so tight that you put your best staff off being entrepreneurial, honest and profitable. It is a fine line between systems that control and systems that encourage free thinking.

8. Do not… fall for the trap set by star traders and others that they can walk on water. Fraudsters like to pull the wool by undermining management’s culture and authority. Peter Young of Morgan Grenfell in the 1980s was lauded as a trading genius until he lost control of his investment scheme and resorted to fraud. Mr Young was described as "intellectually arrogant", a man who felt "unconstrained by the myriad rules and regulations designed to protect investors". People called another so-called ‘rainmaker’ their ‘messiah’, until his network of secret companies was discovered.

9. Do not… let traders anywhere near back-office reporting procedures. That way lies catastrophe, á la Mr Leeson. Segregation of roles is an absolute basic for any anti-fraud system.

10. Do not… exaggerate the capacity of systems to beat fraud. Like death, taxes and prostitution, it has always been with us. Fraud is about bad people getting round the good guys. If someone is determined to steal money or intellectual property, they will beat the best systems of control. Just hope it is not you that the fraudster sneaks by.

PLEASE ENTER YOUR DETAILS TO WATCH THIS VIDEO

All fields are mandatory

The Banker is a service from the Financial Times. The Financial Times Ltd takes your privacy seriously.

Choose how you want us to contact you.

Invites and Offers from The Banker

Receive exclusive personalised event invitations, carefully curated offers and promotions from The Banker



For more information about how we use your data, please refer to our privacy and cookie policies.

Terms and conditions

Join our community

The Banker on Twitter