1.
Ten Largest Loss Exposures for Credit Unions Don Thompson, CFE Risk Management Consultant for Allied Solutions Jay Slagel, Vice President Claims and Risk Management Allied Solutions

2.
Largest Exposures to Loss• Employee Dishonesty• Faithful Performance• Wire Transfer• Burglary• Robbery

3.
Largest Exposures to Loss Continued• Plastic Card• Forgery• Fraudulent Deposit• E-Fraud• Employment Practices

4.
Agenda• Robbery• Burglary• Wire Transfer

5.
Robbery• Robbery is defined as “taking something of value from a person using violence or the threat of violence”• Unlike burglary, robberies generally occur during business hours

6.
On Premise Coverage Robbery / Burglary• Loss of Property resulting from Theft committed by a person physically present on Premises..• Loss of damage to offices, furnishings, fixtures, supplies … resulting directly from Theft on Insured Premises ..• Loss resulting from mysterious disappearance, misplacement, damage or destruction while on the Premises ..

7.
Coverage DefinitionProperty means:Physical items in which the Insured has a financialinterest or which are held by the Insured in anycapacity: currency, coin, bank notes, Checks, drafts or share drafts, original mortgages, documents of title, evidences of debt, security agreements, money orders, certificates of deposits; or precious metals, jewelry, gemstones, tickets, stamps or coupons.

8.
Coverage DefinitionTheft means: Taking property …  W/out consent and with the intent to deprive the CU of property, or  By false pretense and with the intent to deprive the CU of property.Theft does not mean taking of property byforgery, alteration or Counterfeit.

9.
Coverage Definition• Premises means:  any of the Insured’s offices;  the Insured’s retained attorneys’ office;  the Insured’s ATM located anywhere within the building housing the CU office; or  the Insured’s ATM located in a parking lot, driveway or sidewalk immediately adjacent to the Insured’s office but not greater than 500 feet from the Insured’s office.Premises does not include a Service Center’s place ofbusiness.

10.
The Robber Looking for 3 things:  Element of surprise  Cash on hand  Lack of witnesses  Opening  Closing

11.
RobberyOctober 2011---loss, $156,000 – Occurred at opening – Turned off alarm – Forced to open vault – Tied up

12.
Robbery, What Went Wrong? One person arrived alone Ambush code Inadequate separation of duties

13.
Robbery• Written procedures• Opening procedures – 2 employees arrive together – 1 remains in vehicle – Ambush code – All clear sign – Call police

14.
RobberyAmbush Code• Does everyone know it?Separation of Duties• No one employee should have the alarm code and the full safe/vault combinationArrive in Pairs• Remote actuator

15.
Robbery• Loss $186,700• Takes teller drawers, then vault• Other employees observed the robbery• Did not set the alarm until the robber left

16.
RobberyWhen do you set the alarm?• When it is SAFE to do so

17.
Burglary• Holes cut in roof or adjacent walls, during weekend• Cut alarm system wires• Cut open safe

18.
Burglary, What Went Wrong?• Inadequate motion sensors• Inadequate alarm line security• Inadequate safe/vault alarm components

19.
Motion Sensors• Throughout office• Safe/Vault area• Control cabinet area

20.
Currency Vault Alarm Components• Door Contact• Heat Sensor• Audio accumulator

21.
Currency Vault, Old Style Door

22.
New Currency Vault Door

23.
Safe Alarm ComponentsSafe components: 1. Door Contact 2. Heat Sensor 3. Seismic Device Or 1. Door Contact 2. Capacitance

24.
Alarm Systems• Line Security – Cellular back-up• Battery back-up—48 hours• Check regularly• Separate codes for perimeter/area and safe/vault• Time clocks for after hours

25.
SAFESDo these safes look good to you?

26.
SAFESNot the best choice for cash

27.
Composite Money Safe

28.
Vault/Safe Ratings• Cash should only be stored in vaults with a rating of Class I or better OR• Safes with a rating of TL-15 or better

29.
Funds Transfer Coverage (key coverage language)Covers loss resulting directly from a fraudulent instructionthrough email, fax or phone from a person purporting to beyour member provided you: – Performed a Callback Verification involving the instruction or – Followed a commercially reasonable procedure set forth in the Funds Transfer Agreement that governs the instruction. Instruction rec’d must be logged or recorded by the CU and cause a debit or credit to the account.

30.
Wire Transfer Fraud• Telephone request to transfer $98,562 from HELOC to money market account• 10 minutes later, another call to wire funds to Moscow, Russia• Answered authentication questions• 1 week later $45,000 transferred to MM account by home banking• $63,100 wired to Bangkok Thailand

31.
Wire Transfer Fraud• Telephone request to transfer $105,000 to Korea• Faxed copy of signature and driver’s license• Compromised member’s call forwarding• Second request, tried a LOC advance, member’s cell phone called

32.
Wire Transfer Fraud• Two transfer requests by telephone, $28,600 & $44,300• Caller knew: – Money was in the account – Internet banking ID – Social Security # – Recent account activity – Year account opened – Faxed copy of fraudulent Driver’s License

33.
QUESTION?If a member uses home banking, whywould they call to transfer funds from aHELOC to checking?

34.
AUTHENTICATION Telephone Requests• ALWAYS perform callbacks – Most bonds require callbacks for coverage• Limit amount that can be transferred by telephone• Check for recent address or telephone number changes• Be extra cautions of foreign wire transfer requests

35.
AUTHENTICATION Telephone Requests• DO NOT USE –Social security number –Date of birth –Address –Mother’s maiden name

36.
Coverage DefinitionsCallback VerificationOutgoing call must be made by the CU to: 1. Verify the identity and authority of the member, 2. A Secure Telephone Number and 3. Confirm that the instruction for the wire was sent by the member who the CU believes to be an authorized sender to initiate the wire transfer.

37.
Coverage DefinitionsSecure Telephone Number means a phonenumber:  Provided by the member when acct. opened,  Provided after the acct. opened by the member while physically present on CU premises,  Provided in a signed written funds transfer agreement with the account holder,  That was a replacement number provided the CU confirmed legitimacy of the change by direct contact with the member,  That the CU obtained through a public or private telephone directory, or  Was a replacement number for the member that the CU received at least 30 days prior to the wire transfer instruction.

38.
Authentication What to Use• Password or pass phrase;• Year member’s account was opened;• Branch at which member’s account was opened;• Type or year of vehicle securing member’s loan;• Source of direct deposit;• Do you use bill pay service?

39.
AUTHENTICATION What to Use• Name two non-utility payees;• Do you get paper or e-statements;• Payable on death beneficiary;• List other accounts on which you are joint owner; and• Last loan paid off, approximate date, and collateral used.

40.
Callback Documentation– Callback Information • Name of employee performing the callback; • Phone number used for the callback; • Source or verification of the secure telephone number;

41.
Callback Documentation• Name of person (member or members authorized representative or employee) confirming the funds transfer request;• Date of the request and the “callback verification” request;• Time of the request and the “callback verification” request; and• Identification questions used

42.
Callbacks• Should be conducted by an employee other than the one taking the request• Listen for delays, clicks, etc. which could indicate call forwarding

43.
Funds Transfer Best Practices Set appropriate limits for wire transfers through telephone, fax, and e-mail requests Develop and use a clear and complete Funds Transfer Agreement Clearly establish a Callback Verification s process using a password and/or information not easily obtained by others Log all calls – Date, time, method of identification (includes questions and answers), member providing the information, and employee initials.

44.
Funds Transfer Best Practices Segregate duties between employees receiving the transfer request, conducting the call back, and making the transfer Train staff regarding call forwarding scams and to listen for audible clues Be wary of a telephone number that was changed within 30 days of the transfer request Communicate policies and procedures with all staff

45.
THANK YOU Don Thompson, CFE Donald.thompson@live.com 503 705-7796 Jay Slagel, Vice President (800)785-5527Jay.Slagel@alliedsolutions.net www.nafcu.org/allied