Thanks to visit codestin.com
Credit goes to www.scribd.com

Scribd
Upload
69 views31 pages

Fraud Prevention and Detection

Uploaded by

dozcan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
69 views31 pages

Fraud Prevention and Detection

Uploaded by

dozcan
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 31

Fraud Detection and

Prevention

Timothy P. Minahan
Vice President
Government Banking
TD Bank
Prevention vs. Detection

 Prevention controls are designed to keep fraud from occurring

 Detection controls are designed to detect fraud

2
What is Fraud?

An illegal act involving the obtaining of something of


value through willful misrepresentation.

3
Common myths about Fraud

 It wont happen to me.

 It is not a big deal.

 We have our controls in place.

 Someone else will take the loss.

4
Types of Fraud

 Check Fraud

 Cyber Crimes
̶ ACH Fraud
̶ Wire Fraud

5
Types of Cyber crimes

 Hacking

 Trojan Horse

 Phishing

 Spyware

 Key Logger

6
Hacking

Illegal intrusion into a computer system without the permission of the


owner.

 Virus Dissemination
̶ Virus, Key Logger, Trojan Horse

 Email
̶ High school friend, unknown sender

 Hyperlink
̶ They know what you like

 Software Download
̶ Games, screen savers,

7
Trojan Horse

 Virus hidden in a file or a program

 Downloaded from Internet

 Downloaded from email

8
Spyware

 Spyware is a type of malware that is installed on computers and


collects little bits information at a time about users without their
knowledge. The presence of spyware is typically hidden from the
user, and can be difficult to detect. Typically, spyware is secretly
installed on the user's personal computer

 Watch sites you visit

 Read you email

9
Key Logger

 Keystroke logging (often called key logging) is the practice of


tracking (or logging) the keys struck on a keyboard, typically in a
covert manner so that the person using the keyboard is unaware that
their actions are being monitored. There are numerous key logging
methods, ranging from hardware and software-based to
electromagnetic and acoustic analysis.

 From a virus

 USB Port

 Purchase online

10
Phishing

 phishing is the criminally fraudulent process of attempting to


acquire sensitive information such as usernames, passwords and
credit card details by masquerading as a trustworthy entity in an
electronic communication. Communications purporting to be from
popular social web sites, auction sites, online payment processors or
IT administrators are commonly used to lure the unsuspecting public.
Phishing is typically carried out by e-mail or instant messaging,[1]
and it often directs users to enter details at a fake website whose
look and feel are almost identical to the legitimate one

 A technique of pulling our confidential information from the bank


account holders by deceptive means.

 Fake login page

 Deceptive login, (looks like bank website)

 Sometimes link to real website

 Phishing email with a link verify important information

11
Vishing

 Are attacks in which bank customers are contacted by email or phone


and told that their checking accounts have been compromised.
Instead of referring to a website you are given a toll-free number to
call.

12
ACH Fraud

 Best Prevention tool: Internal Controls

 Written ACH Procedures

 Required Verifications

 Dual control

 Prompt Review and reconciliation of accounts

 Debit Blocks and Filters

13
ACH Debit Blocks and Filters

 Protects against unauthorized, Fraudulent or erroneous ACH Debit


Activity

 Rejects the transactions, so they never hit your account

 Debit Blocks

 Debit Filters

14
Wire Fraud

 Best Prevention tool: Internal Controls

 Written Wire Transfer Procedures

 Required Verifications

 Dual control

 Prompt Review and reconciliation of accounts

15
Prevention

 Watch for warning signs

 Listen to employees

 Follow established hiring practices

 SCAN computers often

 Follow policies and procedures

 Strong Internal Controls

16
Fraud Detection

 Bank reconciliations

 Positive pay

 ACH Debit Blocks and Filters

 Alerts

 Audits

 Watch for warning signs


̶ Something is different

 Alert Employees

17
Internal Controls

 Shred documents when discarding

 Lock important information and items


̶ (Signature Stamps, Check Stocks, Statements)

 Limit Access

 Limit Authorities

 Educate your team on the importance of policies and procedures

 Dedicated Treasury Work Station

 Positive pay

 ACH Debit Blocks and Filters

 Use Dual Control

18
Internal Controls

Segregation of Duties

Separate Basic Functions

 Initializing a Transaction

 Authorizing a transaction

 Maintaining records

 Reconciliation

19
Ways to Stop internet fraud

 Segregate responsibilities for entries and approvals

 Use of Dual controls

 Use multi-factor authenacation tools (secure id token, digital


certificates, smart cards)

 Delete exiting employees user ids and authorities

 Adopt and enforce strict and effective internal controls

 Require passwords changed periodically

 Always signoff your computer when leaving station.

 Create strong passwords

 ACT Now

20
Passwords

 Change passwords often

 Don’t share passwords and User IDs

 Don’t write them down

 Be careful where you hide them


̶ (In desk drawer, side of monitor, under keyboard, under phone, excel file)

 Don’t use easy to guess at passwords (birthday, maiden name)

21
Do and Don'ts

 Don’t use pop or flash drives

 Don’t allow software down loads

 Don’t click on hyperlinks

 Don’t allow employees to add hardware or software

 Don’t open and email from a unknown sender.

 Don’t leave sensitive material out

 Don’t use save login features

22
Do and Don'ts

 Do limit online access

 Do change passwords often

 Do scan often for viruses and spyware

 Do update anti-Virus software

 Do use a firewall

 Do Shred documents

 Do update and review controls with employees

 Do run random audits

 Do secure all check stock

23
Collusion

 Team effort to defraud

 Audit routinely

 Provide ways for individuals to whistle blow

 Make changes in controls

24
Fraud opportunities

 Disregard for internal controls

 The absence of controls

 Ineffective controls

25
Check Fraud

 Oldest form of deposit account fraud

 Counterfeit checks

 Altered checks

 Forged signatures

 Organized Crime

26
Positive Pay

Key Features and Benefits


 Protects against unauthorized check activity

 Maintains Controls on accounts

 Rejected Transactions never hit your account

 Allows authorization of a specific item review

27
Payee Positive Pay

 Enhanced fraud protection —Payee name

 Teller Payee — Payee names can be reviewed at the branch teller


window

28
Anti Fraud Resources

 FBI http://www.fbi.gov/majcases/fraud/fraudschemes.htm

 FDIC http://www.fdic.gov/consumers/consumer/index.

 US Secret Service http://www.secretservice.gov/

29
Recap

 Use Strong Internal Controls

 Scan for Viruses and Spyware

 Educate Employees

 Use Positive Pay

 Use ACH Debit Blocks and Filters

 Act Now

30
Timothy P. Minahan

Vice President

Government Banking

TD Bank

518-761-7369

31

You might also like