• Banker on the run

    A bank client comes to regret their close relationship with a bank officer

    An old adage says, "it’s not what you know, but who you know." While that is important for networking, it’s also valuable to fraudsters who try and evade justice thanks to the connections they have. Unfortunately, this happened to a number of victims at a bank that employed a relative of a senior director who decided to line her pockets.

    Denise* was a long-tenured bank employee. She worked her way up through the ranks from teller to relationship officer over the course of 30 years, landing at one branch for 12 years. Denise had a number of clients who trusted her implicitly to manage their money. One family in particular, the Chens*, were especially close to Denise because she’d handled their accounts for seven years. “They trusted her so much and considered [her] a part of their family,” explained the CFE who later investigated the case. “They knew each other’s personal details; exchanging cards and giving gifts during holidays and birthdays were normal for them.”

    They trusted her so much and considered her a part of their family.

    One day the Chens were approached by another relationship officer at the bank who claimed they could offer a better return rate than Denise was providing them. The Chens were skeptical and told the other officer the rate they were currently getting — that’s when alarm bells started ringing. The rate was too high to be possible, so the officer took the details of the Chen’s account to internal audit and compliance at the bank. They discovered the Chens weren’t the only clients Denise was defrauding.

    The bank had anti-fraud controls in place, but they were not robust enough to stop Denise. She forged clients’ signatures to make withdrawals from accounts. She managed to override the computer approval system and used the user ID and password of a resigned employee to credit her personal account (or occasionally another client’s accounts to cover her tracks.) She would not post the transaction and, instead, make false entries on the clients’ passbooks. She provided the clients with bogus statements or typewritten entries in the passbooks instead of the official account statement.

    All told, Denise stole approximately $3.7 million, but what many people didn’t know was that Denise was a relative of a director of the bank. The fraud incident was kept very confidential and the bank quietly reimbursed all of Denise’s victims. Although they got their money back, her victims, including the Chens, were devastated by the betrayal. Meanwhile, Denise was nowhere to be found. To the best of the investigating CFE’s knowledge, she fled the country and has not been prosecuted for her crimes.

    Lessons from the CFE: Any person, despite their stature in society or their position, will steal given the opportunity — or in this case, blind trust. The type of fraud committed in this case is not extraordinary in terms of modus — in fact, we can say it is a typical assets misappropriation case. What is significant is the amount involved, the length of time the fraud was committed and the status of the fraudster. No matter how sophisticated and automated controls applications have become, we still have to ensure that the basic controls, like regular rotation of employees, are observed. And finally, remember that trust is not a control, trust is a personal thing.