By Kevin Byrne, Senior Regulatory Consultant, Wolters Kluwer Financial Services

After reading the article below, you wonder how a person can successfully perpetrate new account fraud via identity theft at a financial institution (FI).  Simply put,  it shouldn’t happen.

ID theft is now “old news” and we all know how the thieves get the information and what information they need to get on a person to attempt to steal identity. With name, address, TIN, DOB and mother’s maiden name, ID thieves reacked havoc on unsuspecting consumers years ago.  Suprisingly, it’s still happening.

A robust CDD and EDD program that “authenticates” customers attempting to open accounts at an FI goes beyond the basic questions of name. address, TIN, etc and asks detailed previous history questions that only the true customer can know. After asking the series of questions, a scoring result is presented to the FI so that a logical and informed decision can be made surrounding the potential customer. The use of this type of automation can prove to be invaluable to the FI by preventing new account fraud, loan fraud, ID theft etc.  A solid ROI can be proven in minimal time by preventing just one bad customer from getting into the FI.  Making the arrest of the bad guy is one thing - but actually preventing the fraudster from vicitmizing your bank in the first place is another - and should be your ultimate goal.

Myrtle Beach man sentenced for bank fraud, identity theft

Myrtle Beach man was sentenced in federal court for bank fraud and aggravated identity theft, U.S. Attorney W. Walter Wilkins said today.

Abdurrahman Cetin, 43, was sentenced to seven years in prison, to be followed by five years on supervised release, Wilkins said. Cetin was also ordered to pay $40,246.53 in restitution.

Evidence presented at trial showed that Cetin collected the personal and financial information of customers at a Toyota dealer in Long Island, NY, while working there as a salesman in 1999, Wilkins said.

Cetin saved the information and when he moved to Myrtle Beach, he used the information to open five bank accounts and obtained lines of credit at two Myrtle Beach banks, Wilkins said. When opening the accounts, Cetin gave other people’s names, dates of birth, and social security numbers.

He then withdrew money on the lines of credit he had established, Wilkins said.

Cetin was arrested at one of the banks and a search of his residence turned up six driver’s licenses with Cetin’s picture on them but in other people’s names, and 37 credit cards which had been issued matching the names on the counterfeit driver’s licenses, Wilkins said.

Other individuals’ credit reports and a computer used by Cetin to order counterfeit driver’s licenses were also found, Wilkins said.

by Amy Downey, VP Professional Services, Wolters Kluwer Financial Services | PCi

Compliance management and safety and soundness are two sides of the same coin. If you manage your consumer compliance you will also be managing your safety and soundness. I recently heard this during an interview with the regulators at the ABA Regulatory Compliance Conference in Florida.

Risk management is typically a manual time (and resource) consuming process. Financial institutions are looking for an integrated, structured workflow tool that combines all of the institution’s risk into a single set of steps for the business. The number of regulations changing this year is re-shaping the way we think about compliance and our business.  A word to the wise - there will be a direct correlation between the time banks spend preparing now and their ability to readily comply later. I recommend acting now to evaluate systems and processes to make adjustments, enhancements, additions, etc. to accommodate the impact of imminent regulatory changes. Budgets and resources are tough – but I caution against being penny-wise right now. (You know the rest of the saying but I’ll say it anyway; in my estimation that would be pound foolish.)

by Edward B. Kramer, Executive VP, Regulatory Programs

Below are a few very-telling snippets I heard from the Federal bank regulators while attending the ABA Regulatory Compliance Conference in Florida:

• Be aware of the fair lending implications of your credit tightening in the current environment.
• Remember that fair lending/predatory lending violations will be factored into your CRA rating.
• Watch for the adequacy of the disclosures and monitor for fair lending issues with reductions in lines of credit. Your regulator is!
• CRA reformers are focusing on the quality of the loans you make, not just the quantity.
• There has been a high level of intensity in all fair lending exams. Increasing number of “MRAs”, threats/cases of referral.
• Good corporate governance right now requires having a compliance committee and an effective compliance training program.
• Closely review and monitor your complaints.
• Banks need to perform fair lending risk assessments. Look for disparate treatment, disparate impact, and overt discrimination.
• Your CRA rating should not come as a surprise.
• Indirect auto is high up on the radar screen.
• There is a need for banks’ servicing units to conduct risk assessments, reviews and testing to identify any potential discriminatory practices in how loans are being serviced. This is not just for foreclosures, workouts and loan mods.

The industry continues to talk about the interplay between the new higher priced mortgages under Regulation Z and the HMDA reporting requirement under Regulation C.  These are two areas of concern.

First, the reportable rate spreads that are filed on your HMDA report will be an easy starting point for examiners to find higher priced mortgage loans. There is nothing wrong with originating a higher priced mortgage or reporting one on your HMDA LAR as long as you have the tools in place to properly catergorize the loans and to know that you can originate the loans in compliance with the new requirements.

Secondly, you may see an increase in denial rates because of underwriting changes due to the implementation of the higher priced mortgage requirements. An institution should monitor their denial rates to ensure that all applicant’s are treated fairly and their HMDA LAR does not indicate any unfair practices.

HMDA data is a powerful tool. Your examiners use it to learn about you. You should use it first to know the story your lending tells before the examiners arrive.

While crooks are always out there trying to be “one step ahead” of the good guys attempts to thwart crimes, Financial Institutions (FI’s) see motivation for attacks from multiple angles. Not only do the FI’s have to be concerned about criminal activity from outsiders and employees, now add customers to the mix as well.  Today’s tough economy only increases the temptation by crooks to find a way to steal money. While the armed robbers are still out there, the “electronic robbers” are out in force and growing.  Furthermore, as technology develops, so do the crimes.

The article below clearly indicates how FIs are being attacked in any way possible and highlights the need for a comprehensive loss prevention tool. Automation can help detect patterns of criminal activity and abnormal behavior, and help alert the FI to suspicious activity before the losses mount. Making an arrest is great, but often by that time, the losses can be significant and have a major imact on the balance sheet. Detecting suspicious activity in advance of the crime, and preventing the loss in the first place are the keys to mitagating your overall losses. 

Read the article below from The Credit Union Journal- Thursday May 14, 2009

Gang Bilks $500,000 From Navy Fed

Credit Union Journal  |  Thursday, May 14, 2009

SAN DIEGO – In what is believed to be the first connection of violent street gangs to a sophisticated bank scam in California, 60 suspects were arrested Tuesday in a predawn raid here and charged with scamming Navy FCU out of more than $500,000.

The suspects, including more than a dozen members of San Diego’s Lincoln Park gang, were charged with conspiracy, money laundering, forgery and burglary.

“Street thugs, operating like white collar criminals, devised an ingenious scam to bilk Navy Federal Credit Union out of $500,000,” said California Attorney general Edmund Brown, Jr. “They recruited and paid off willing credit union members and manipulated rules to feed their criminal enterprise.”

The gang members, according to authorities, recruited acquaintances who had accounts at Navy Fed and paid them a portion of the receipts in exchange for their credit card and personal account information. The member information allowed the recruiters to deposit counterfeit checks in the accounts that were withdrawn in cash. The account holders then reported the card stolen. Most of the transactions were conducted on ATMs at the Barona Indian Casino. The casino was targeted because it has a point-of-sale ATM that allows for larger withdrawals than most ATMs, officials said.

The investigation was initiated after Navy Fed officials noticed suspicious activity in 2005 and reported it to the U.S. Secret Service. San Diego gang detectives were brought in to identify and interview suspects.

The total loss is estimated at more than $500,000, which investigators believe was used to help fund illegal gang activities and pay for a lavish street gang lifestyle.

Among those charged are three active duty Marines, a sailor and an Army soldier, who had accounts at the credit union and cooperated with the scheme. Sixteen of the 60 are Lincoln Park Gang members.

The suspects are scheduled to be arraigned in San Diego Superior Court this morning.

While attending the MBA’s Legal Issues And Regulatory Compliance Conference last week, several of the speakers spoke about controlling risk throughout the process. Legal and Compliance should be involved in the risk management process from beginning to end. The Legal and Compliance department has the global perspective on risk while the business line has a better day-to-day perspective. Putting these two together in a risk management strategy insures that all risks will be considered. You should use this approach for launching new products, updating training materials or changing business initiatives.

I just read with interest a great article in the May Scotsman Guide on what the May 1st Red Flags deadline set by the FTC really means for mortgage brokers.   In addition to covering the basics of the regulations, the article delivers solid detail on specific steps that firms should take to create a compliant Red Flags program, and offers several considerations for firms contemplating an automated solution.  To read the article:  http://www.pciwiz.com/news/pdf/articles/ScotsmanGuide0509.pdf

By Edward Kramer

During PCi’s Your CRA Exam is a Story: Write a Masterpiece Webcast earlier this week focusing on Performance Context, two very timely questions were posed by participants. I wanted to share them, and my responses:

Q. Given the state of the economy and the troubled banking system, how will regulators view the decrease in overall lending home mortgages & small business loans) and investments for CRA purposes? Most banks have cut back in terms the amount of donations they will make and the organization(s) that they may have sponsored in the past they may not in the future.

A. Here’s where performance context comes into play. The current economic environment is challenging for banking in general and CRA in particular. It’s essential that the bank clearly articulate the impact that the current economy has had on their institution, and its ability to make loans, investments, and provide services. It must also demonstrate to the examiners what the current situation is in the local real estate market and the impact that is having on their ability to meet the local borrower’s needs and the level of demand for mortgage and small business loans.

Regulatory agencies and their examiners are aware that CRA activities can only proceed in a safe and sound manner. Depending on the impact that the current economy has had on the bank, examiners are likely to temper their expectations and evaluate the bank accordingly.

With all that said, it is important for the bank to become more innovative and flexible. Look for new opportunities to gain CRA credit. If you are doing loan modifications, examiners are likely to give CRA credit for the loan modifications involving low and moderate-income borrowers. If REO property is given to qualified local organizations, examiners are likely to give CRA credit for that.

And, make the case for retaining your current rating. Don’t leave it to the examiner to make it. Now more than ever dialogue with your examiners is essential. Remember, you’re not the only bank that is experiencing a decrease in overall lending (home mortgages & small business loans) and investments for CRA purposes, or is being forced to cut back.

Q. What if you are the first in your service area to have a review that includes toxic 2008?

A. This may be very different than what I addressed in a related matter earlier. The reference to toxic 2008 may be referring to what resulted in the FDIC recently downgrading some banks to a “needs to improve” rating for making predatory loans or buying mortgage-backed securities that contained predatory loans. One of the banks had purchased $3.1 billion of subprime loans with “predatory characteristics.” The FDIC report, dated May 2008, said the loans’ features “greatly increased the risk that the borrowers would default, or otherwise be in a worse financial position.”

By Amy Downey

Last week I was discussing the process flow to test all applications early and frequently throughout the loan life cycle to ensure that they are properly identified as higher priced mortgage loans under Regulation Z. The timely designation will be critical to properly approve loans using the new requirements. A collegue pointed out that even with the best intentions throughout the process the loans of real concern will be when the scenario changes late in the process. When you are writing your new procedures don’t forget to address how to handle when the loan has been underwritten subject to an appraisal and the appraisal comes in low. If the lowering of the loan amount now makes the loan a higher priced mortgage loan that loan will have to be re-analyzed in accordance with the Regulation Z requirements before it can close.

By Amy Downey

Banks are acting now to ready systems and update policies and procedures in advance of the October 1, 2009 effective date. October 1 will mark a significant change in the Regulation C reportable rate spread and the addition of a new lower predatory lending threshold under Regulation Z (Higher Priced mortgages). In a nutshell, the Federal Reserve Board exercised its broad authority under TILA to prohibit abusive mortgage lending practices by revising Regulation Z and, by using the same calculation method, the FRB hopes to improve the accuracy and usefulness of data reported under HMDA without unduly burdening mortgage lenders. The new Annual Percentage Offer Rate benchmark and thresholds require that banks prepare now for the organizational impact of these changes. While the effective date for the regulations is not until October 1, there is significant groundwork to cover to ensure compliance. In addition to having systems in place to programmatically test for higher-cost loans and calculate the new rate spreads, banks will want to update policies and procedures and educate staff and Board members on the changes. For information on systems and consulting services from Wolters Kluwer Financial Services|PCi, click here.