A CUNA Mutual risk management expert said an enterprise approach is needed to combat the growing threat of fraud against credit unions.
A “silo monitoring” approach within each product area of a credit union no longer works, Ann Davidson, senior risk management consultant, told a breakout audience at the recent America’s Credit Union Conference in San Antonio.
Taking an enterprise fraud management approach enables a credit union to coordinate detection and prevention across the “entire business enterprise and it establishes a framework for enterprise-wide deployment of fraud resources,” Davidson said.
Gathering and cross-matching data from all product lines, organizational units and geographic regions of the credit union prepares it to “connect the dots and spot large-scale fraud attacks early in their life cycle,” she added.
As for when fraud attacks occur, Davidson said what’s critical is getting to the root cause, knowing what controls are in place and where gaps occur.
“It’s sort of like misplacing the lid to the candy jar in a roomful of kids. Until you find it and screw it back on, the candy’s going to keep disappearing,” she said.
Davidson said the most popular fraud schemes currently include card fraud, including skimming, phishing via email, phone and text, and kiting between business and consumer cards; wire fraud by phone, fax or email; insider dealings such as embezzlement, and data breaches and system intrusions
“2011 is the year of the cyber vandals. Assaults can come from anywhere in the world, they’re difficult to nab, and they use multiple computers to cover their tracks,” the CUNA Mutual risk management consultant said.