The Office of the Comptroller of the Currency (OCC) is focused on the responsibility of financial institutions—national banks and Federal savings associations—to be responsible for the risk management of business operations whether they are performed internally or through third party vendors.

CIT companies are clearly included in this mandate.

The OCC recognizes that the growing interconnectedness of banks with third party cash management service providers has created new sources of risk due to gaps or inconsistencies of controls that can occur where distinct businesses interface. In everyday terms, this means there can be situations where “no one is in charge.”

Since the OCC is responsible for the security of the overall financial system, it is moving to make banks accountable for the gaps and inconsistencies between them and third party vendors that may pose risk to the system.

This creates specific kinds of difficulties for banks because they can be held accountable for the actions of organizations they do not own. Banks and their third party vendors, including CIT businesses, have different regulatory, standard practice, and incentive profiles, as well as different cultures and assumptions.  It will take especially thorough due diligence to write contracts that lay out the important responsibilities and performance expectations for the different parties to get all the entities on the same page.

In these circumstances, monitoring performance takes on greater importance. There is a substantial possibility that unanticipated gaps or inconsistencies will emerge despite careful risk management planning. Banks have a strong incentive to measure performance and find irregularities as quickly as possible. … Continue reading

Preventing organizational fraud demands systematic planning and implementation. This entire process, from inception and assessment to performance evaluation is complex, even in smaller organizations. Yet, the payoff for the effort can be huge.

In this post, we offer an overview of the elements of a fraud prevention program that would be useful in any organization. Summarized from, Managing the Business Risk of Fraud: A Practical Guide, produced by a consortium of associations, the guidelines point to specific steps managers can take to implement an effective fraud prevention program. … Continue reading

Most crimes of occupational fraud are motivated, at least in part, by some kind of financial pressure. And while committing a fraud, the perpetrator will frequently display certain behavioral traits associated with the stress or fear of being caught.

These “red flags” are behavioral and system-based clues that can be picked up by attentive managers, colleagues, internal auditors, or subordinates. In turn, these clues can put an organization “on notice” that a trusted individual may be engaging in some form of improper or fraudulent conduct.

The Association of Certified Fraud Examiners (ACFE) in its 2012 Report to the Nations pinpointed the most common behavioral red flags associated with occupational fraud. The ACFE examined the frequency with which certain behavioral red flags were identified during a fraudulent scheme. … Continue reading