www.marktreichel.com

https://www.linkedin.com/in/mark-treichel/

Hello, this is Samantha Shares. This episode covers

A portion of The O C C's Semiannual risk perspective Special topic

Increase fraud targeting the federal banking system.

The following is an audio version of that topic. This podcast is educational and is not legal advice. We are sponsored by Credit Union Exam Solutions Incorporated, whose team has over two hundred and forty years of National Credit Union Administration experience. We assist our clients with N C U A so they save time and money. If you are worried about a recent, upcoming or in process N C U A examination, reach out to learn how they can assist at Mark Treichel DOT COM. Also check out our other podcast called With Flying Colors where we provide tips on how to achieve success with N C U A.

And now the letter.

The special topic focuses on the increasing trend in external fraud activity targeting consumers and the federal banking system. The frequency of both traditional and novel, more sophisticated fraud activities targeting customers and banks continues to increase. Banks should maintain sound fraud risk management practices through prudent controls and appropriate fraud monitoring capabilities to identify, investigate, mitigate, and report fraudulent activity. Banks can also support their customers by providing educational information about trending fraud activities and ways to protect themselves.

Criminals continue to exploit traditional payment methods through check and wire transfer schemes. The Financial Crimes Enforcement Network (F I N C E N) September 2024 "Financial Trend Analysis" analyzed threat patterns and trend information on mail theft-related check fraud incidents over a six-month period in mid-2023. The report noted that financial institutions filed 15,417 B S A reports on mail theft-related check fraud, 13,618 (88 percent) of which were filed by banks. It described several types of check fraud such as bad actors altering stolen check payees and amounts, using the stolen check to create counterfeit checks, fraudulently signing the check, and selling the check or its identifying information on dark web marketplaces or encrypted social media platforms. Furthermore, the O C C's Customer Assistance Group observed an increase in the number of check fraud-related complaints submitted by consumers over the past year.

Federal banking system-related wire transfer complaints that consumers submitted to the Customer Assistance Group reflect an increasing trend. For wire transfer schemes, the fraudster often poses as a trusted business, government agency, or even a bank employee, fabricating scenarios that require immediate action and convincing, with urgency, victims to wire money to a fraudster's account. In most cases, once the wire transfer is complete, the funds cannot be retrieved.

While artificial intelligence (A I) can enhance fraud risk management capabilities, reduce costs, and improve efficiency, this and other new technologies are also being used to enable increasingly more sophisticated and frequent fraud tactics. Fraudsters could use A I to implement sophisticated frauds by digitally altering voices, biometric systems, or images (also known as "deepfakes"), or to facilitate social engineering schemes, identity theft, and impersonation of a trusted business or government agency. For example, deepfakes through voice replication have been used to perpetrate fraud by tricking voice biometric systems or by convincing a victim they are dealing with someone they know and trust, such as a family member.

Increasing product and service digitization can also heighten fraud risk, including fraud targeting peer-to-peer (P2P) and other fast payment platforms. P2P payment platforms can provide enhanced capabilities and convenience to consumers and other users for managing payments. However, criminals also have exploited the faster, more streamlined payment capabilities and the irreversible and irrevocable nature of these payments.

Effective fraud risk management includes appropriate internal controls, such as authentication, customer identification and verification processes, fraud monitoring, and open lines of communication between bank departments responsible for researching unusual activities. It is critical for banks to promptly identify, investigate, and resolve suspicious activities and potential fraudulent concerns. Banks should also continue to promptly identify, investigate, report, and resolve fraud concerns in accordance with applicable laws and regulations, including the B S A, Expedited Funds Availability Act (Regulation C C) and Electronic Fund Transfer Act (Regulation E).

Recent increases in the volume of fraud cases have led to heightened unfair or deceptive acts or practices (U D A P) risk as some banks may take prolonged timeframes to complete investigations or implement broad account access limitations, preventing customers---including those who are not victims of fraud--- from accessing their funds. If banks on either side of the transaction do not complete investigations expeditiously, customers may not have access to funds for extended periods of time, which may create financial hardship for them.

Banks can continue to support customers by providing information about scam and fraud trends and education of potential preventative measures. For example, to address the prevalence of text messaging and bank impostor scams, it can be beneficial to inform customers about how the bank will contact its customers regarding potential fraudulent transactions, as well as the strengths and limitations of various authentication methods and how to identify potential fraudulent schemes. Banks can also develop policies and procedures regarding what and how to communicate with customers when the bank determines that account access should be limited, taking care not to reveal the existence of any suspicious activity report (S A R) filing, and ensuring that the communication is otherwise consistent with safe and sound banking practices. Communications can provide critical information to customers seeking to access their funds.

In addition, staff can be trained to identify and respond to customers seeking to conduct unusual transactions that have signs of fraud, such as a large withdrawal or wire transfer that may be outside of a customer's usual transaction habits. Employee training may also include identifying red flags for different types of financial exploitation, providing proactive approaches to detecting and preventing elder financial exploitation, and detailing actions for employees to take when they have concerns. When multiple departments are responsible for researching unusual account activities across functions such as B S A compliance, fraud prevention, consumer protection, and open lines of communication between the bank's departments are important and may result in enhanced coordination and expedited resolution.

This concludes the fraud portion of this report.

If your Credit union could use assistance with your exam, reach out to Mark Treichel on LinkedIn, or at mark Treichel dot com. This is Samantha Shares and we Thank you for listening.