FDIC Consent Orders Show Internal and External Risk Exposure

FDIC, banks, financial crime, fraud

A spate of recent enforcement decisions from the FDIC underscores risks that banks face — external as well as internal ones, where employees have allegedly leveraged vulnerabilities from the inside. 

The decisions, accessible here, construct a theme, as officers and workers, named in the actions but who neither admit or deny wrongdoing, were removed from office or accepted other penalties. 

In one August action against Robert S. Catanzaro, CEO and director of Independence Bank (subsequently removed), the FDIC noted that the executive “failed to implement and supervise appropriate oversight and risk management practices over the Bank’s Small Business Administration (SBA) Small Loan Advantage lending program” and the bank suffered a $1.7 million loss.

Elsewhere, in another action, citing Debra L. Poulsen the officer and director of Ericson State Bank, and prohibiting her from participating in the affairs on any financial institution, without admitting or denying wrongdoing, Poulsen had allegedly informed the bank’s board of directors “of certain misconduct which Respondent was aware, including repeated violations of the Nebraska legal lending limit; excessive, unsafe and unsound overdrafts made to benefit a certain borrower and his related entities” and other “unsafe and unsound” business practices, which in turn caused losses to the bank.

In a separate action, the FDIC’s prohibition order against Sammy Sims, serving as CFO of Eastern International Bank, was also enjoined from serving with any financial institution, in the wake of having used bank funds to purchase life insurance policies for “bank employees without the knowledge or consent of employees, and for which Respondent’s wife received compensation as the insurance broker.” Sims neither admitted or denied wrongdoing.

The above matters offer case studies for some of the risk that come at the staffing level within an financial institution, regardless of its size.

In recent PYMNTS coverage, we noted that within the back offices and C-suites of financial firms, “employees in finance and accounting best understand their organization’s financial processes, internal controls and loopholes. This insight allows them to exploit weaknesses without raising suspicion.” 

Without a clear separation of back-office “touch points,” it’s easier to take advantage of at least some handling of funds and documentation — and it gets harder to trace the money. To quote the criminal Willie Sutton when asked why he robbed banks, the answer was simple: That’s where the money is.

Back-office automation and AI are being deployed to flag irregularities, including unauthorized access to sensitive information, unusual financial transactions and other flows of activities and funds.

PYMNTS Intelligence has determined that 64% of financial professionals are using AI to combat fraud. A full 70% of banks we’ve surveyed are doing the same. 

As for the scope of the fraud, new studies are pointing to how harmful it can be for organizations. In this report by the Association of Certified Fraud Examiners, banking and financial services organizations were among the most affected by “occupational fraud,” where the median loss across several hundred cases was $120,000, check and payment tampering accounted for 14% of the cases, and billing and cash larceny each accounted for 12% of fraud cases.