Malzahn Strategic - Minneapolis, MN skyline

Synthetic Identity Fraud Risk Assessment

Synthetic Identity Fraud Risk Assessment

Synthetic Identity Fraud Risk Assessment is a key component of your Enterprise Risk Management risk assessment. Identity theft is not new. In fact, is as old as checks being stolen from a mailbox to apply for credit using the victim’s name or to make purchases using the checks. When conducting an Enterprise Risk Management Risk Assessment, ensure to include this new risk category that I call “Customer and Synthetic Identity Fraud.”

The Federal Reserve formally defines Synthetic Identity Fraud as the use of a combination of personally identifiable information (PII) (Off-site) to fabricate a person or entity in order to commit a dishonest act for personal or financial gain. There are two primary ways your institution could be dealing with Customer Risk:

  • Identity Theft: Someone stole another person’s identity.
  • Fraudulent Entities: A company is completely fraudulent and conducts business as if they were legitimate.

In the most common way of identity theft, your institution provides banking services such as depository accounts or loans to persons who stole someone else's identity. They use the Personal Identifiable Information (PII) to open accounts and apply for loans.

Dealing with fraudulent entities is a different matter and they are harder to identify as such. They establish the entire scheme from beginning to end. They organize a company, hire real employees, create fictitious sales and produce Accounts Receivable records—including legitimate invoices. They even pay bills just like any other legitimate company—except it’s all fake. Some employees have no idea they are working for a fictitious organization until the Feds show up at their doors after years of investigation.

Protecting Your Institution from Synthetic Identity Fraud/Customer Risk

So, how does your institution protect itself from these two types of Customer Risk? Below are some questions you should include in your Risk Assessment when assessing “Customer Risk:”

  • What other risks are impacted when Customer Risk occurs in your institution? Typically, you may have reputational risk as well as earnings, regulatory, and legal risk.
  • What mitigating factors do you have in place? Mitigating factors can be your software solutions to automate the CIP processes.
  • Is your BSA Program strong and include robust CIP, KYC, OFAC checks, CDD, and EDD (see key below)? Your BSA Program must include all these elements.
  • Do you have an ongoing training program for your employees and how often do you train them? Without the appropriate and timely ongoing training your employees will miss important cues to identify and prevent fraud.
  • Do you offer training for your customers? Regulators are increasingly asking institutions to provide some type of identity theft training for your customers.
  • Are dual controls and segregation of duties in place for new deposit and loan accounts? For example, one employee opens the account, a second employee makes the deposit, and a third person reviews the core system’s Daily Activity Log?
  • Have you implemented a BSA Fraud Software to automate the process? Automation is the trend to avoid the intensive manual monitoring and reporting processes.
  • Are procedures in place to monitor kiting suspect activities and filing SARs and CTRs on potential AML activities?
  • Do you monitor daily overdrafts regardless of the amount, high risk customers, and mobile banking deposit activity?
  • Are monitoring systems in place to alert your employees of potential fraudulent transactions in your customers’ accounts?

As mentioned above, the Synthetic Identity Fraud Risk Assessment is a key component of your Enterprise Risk Management risk assessment. I hope these questions will help you complete a Customer/Synthetic Identity Fraud Risk Assessment. If you need help conducting this type of risk assessment, feel free to reach out to us.

Below is a key to all the acronyms used above for your reference:

  • BSA = Bank Secrecy Act
  • CIP = Customer Identification Program
  • OFAC = Office of Foreign Assets Control
  • AML = Anti-Money Laundering
  • KYC = Know Your Customer
  • CDD = Customer Due Diligence
  • EDD = Enhanced Due Diligence
  • SAR = Suspicious Activity Report
  • CTR = Currency Transaction Report

Treasury Management Challenges and How to Solve Them – Part III

Treasury Management Challenges and How to Solve Them

Are you wondering how to deal with your top treasury management challenges and how to solve them? You’re not alone. In this three-part article, I share the top challenges that treasury management officers (“TMOs”) face and provide you with ideas on how to deal with each one. Part I addressed the top two challenges: waiving fees and the importance of turning Account Analysis System on. In Part II we addressed the challenges with the ECR, lack of education on Treasury Management, and the organizational design for TM department. Let’s continue with the last three top challenges:

Challenge #6: Lack of ongoing maintenance and support for existing business customers or members.

Ideally, your institution has a formal sales process that leads to product implementation and ends with the established customer or member ongoing support and maintenance. Many institutions have not formalized any of these three important processes. Therefore, there is confusion as to who should do what during the onboarding and ongoing support of TM customers.

Solution: Establish a formal sales process that flows from a customer or member onboarding to TM product implementation. Clearly define roles as to who provides the ongoing support and maintenance of TM business customers or members.

Challenge #7: Thinking you don’t need core deposits.

Due to the government relief and Paycheck Protection Program (PPP) during the pandemic, most institutions, regardless of size, have excessive liquidity levels. However, that will end. We will go back to the times where institutions fight for core deposits. Now Fintechs compete with banks and credit unions for core deposits.

Solution: Ensure you bring the depository side of the business as you onboard loan customers. Focus on both sides of the balance sheet—assets and liabilities. Treasury Management is one of the best kept secrets to bring additional core deposits. TM products glue your business customers or members to your institution. Additionally, if you make it easy to join your institution and glue them with TM products, they will not want to leave!

Challenge #8: Lack of talent in the market.

Treasury Management professionals are scarce. Every institution I know is looking for one.

Solution: Keep a pipeline of potential candidates that could join your institution in the future. The other option is to train from within. The best candidates for TM sales come from business banking, private banking, or universal bankers who show interest in working specifically with businesses. The best candidates for TM operations come from deposit operations, electronic banking, or core system gurus.

I encourage you to educate your entire staff on treasury management. When everyone understands the value of treasury management products and services (to increase core deposits and non-interest fee income), you acquire a competitive advantage over your competition.

I hope the solutions presented here are helpful to you on your quest to deal with the top treasury management challenges and how to solve them.

Books by Marcia Malzahn