ALEXANDRIA, Va.—It is almost always the first question asked when long-term fraud is discovered inside a credit union: where were the regulators?
CUToday.info posed that question to NCUA, which did not have anyone available for an interview at press time, but which did have an agency representative respond via email. NCUA will be discussing the issue with CUToday.info next week.
“First, it’s important to understand how and why fraud happens,” said spokesperson John Fairbanks. “Fraud has three basic elements: opportunity, rationalization, and financial pressure, frequently referred-to as the fraud triangle. The goal of effective internal controls, is to reduce or remove one or more of those elements to create deterrence.”
Fairbanks said that completely eradicating fraud is not possible, but credit unions can do a lot to mitigate their risk and improve early detection through strong internal controls, including segregation of duties, dual control, control reports, and analytics, as well as appropriate oversight.
“Active and involved leadership is the first line of defense,” he said. “Ultimately, the responsibility for ensuring adequate internal controls are in place lies with the credit union’s management and board of directors.”
Pointing out that most internal fraud occurs in smaller credit unions with weak internal controls, Fairbanks noted that fraud can occur in any size financial institution. “But small institutions are more susceptible; because they often lack the ability to segregate duties and implement dual controls,” he said.
Acknowledging the “serious matter” that fraud is, Fairbanks said, “Keep in perspective that, with nearly 6,100 federally insured credit unions, periodic fraud does not represent an epidemic.”
Fairbanks said that regulators, including NCUA, are working continuously to improve fraud detection.
“However, there are limits to what they can do,” he said. “In the last year, NCUA has retooled examination procedures under the Small Credit Union Examination Procedures to help identify red flags. Yet, NCUA is not a financial statement auditor and not a fraud auditor, although the agency does make use of fraud detection techniques to identify potential irregularities. This program has contributed to the detection of some of the recent frauds.”