Bank fraud is the use of potentially illegal means to obtain money, assets, or other property owned or held by a financial institution, or to obtain money from depositors by fraudulently posing as a bank or other financial institution. In many instances, bank fraud is a criminal offence. While the specific elements of particular banking fraud laws vary depending on jurisdictions, the term bank fraud applies to actions that employ a scheme or artifice, as opposed to bank robbery or theft. For this reason, bank fraud is sometimes considered a white-collar crime.
Types of bank fraud
Fraudsters may seek access to facilities such as mailrooms, post offices, offices of a tax authority, a corporate payroll or a social or veterans' benefit office, which process cheques in large numbers. The fraudsters then may open bank accounts under assumed names and deposit the cheques, which they may first alter in order to appear legitimate, so that they can subsequently withdraw unauthorised funds.
Alternatively, forgers gain unauthorised access to blank chequebooks, and forge seemingly legitimate signatures on the cheques, also in order to illegally gain access to unauthorized funds.
Cheque kiting exploits a banking system known as "the float" wherein money is temporarily counted twice. When a cheque is deposited to an account at Bank X, the money is made available immediately in that account even though the corresponding amount of money is not immediately removed from the account at Bank Y at which the cheque is drawn. Thus both banks temporarily count the cheque amount as an asset until the cheque formally clears at Bank Y. The float serves a legitimate purpose in banking, but intentionally exploiting the float when funds at Bank Y are insufficient to cover the amount withdrawn from Bank X is a form of fraud.
Forgery and altered cheques
Fraudsters have altered cheques to change the name (in order to deposit cheques intended for payment to someone else) or the amount on the face of cheques, simple altering can change $100.00 into $100,000.00, although transactions of this value are subject to investigation as a precaution to prevent fraud as policy.
Instead of tampering with a real cheque, fraudsters may alternatively attempt to forge a depositor's signature on a blank cheque or even print their own cheques drawn on accounts owned by others, non-existent accounts, etc. They would subsequently cash the fraudulent cheque through another bank and withdraw the money before the banks realise that the cheque was a fraud.
In order to hide serious financial problems, some businesses have been known to use fraudulent bookkeeping to overstate sales and income, inflate the worth of the company's assets, or state a profit when the company is operating at a loss. These tampered records are then used to seek investment in the company's bond or security issues or to make fraudulent loan applications in a final attempt to obtain more money to delay the inevitable collapse of an unprofitable or mismanaged firm. Examples of accounting frauds: Enron and WorldCom and Ocala Funding. These companies "cooked the books" in order to appear as though they had profits each quarter, when in fact they were deeply in debt.
A bank soliciting public deposits may be uninsured or not licensed to operate at all. The objective is usually to solicit for deposits to this uninsured "bank", although some may also sell stock representing ownership of the "bank". Sometimes the names appear very official or very similar to those of legitimate banks. For instance, the unlicensed "Chase Trust Bank" of Washington D.C. appeared in 2002, bearing no affiliation to its seemingly apparent namesake; the real Chase Manhattan Bank is based in New York. Accounting fraud has also been used to conceal other theft taking place within a company.
Demand draft fraud
Demand draft (DD) fraud typically involves one or more corrupt bank employees. Firstly, such employees remove a few DD leaves or DD books from stock and write them like a regular DD. Since they are insiders, they know the coding and punching of a demand draft. Such fraudulent demand drafts are usually drawn payable at a distant city without debiting an account. The draft is cashed at the payable branch. The fraud is discovered only when the bank's head office does the branch-wise reconciliation, which normally take six months, by which time the money is gone.
A rogue trader is a trader at a financial institution who engages in unauthorized trading to recoup the loss he incurred in earlier trades. Out of fear and desperation, he manipulates the internal controls to circumvent detection to buy more time.
Unfortunately, unauthorized trading activities invariably produce more losses due to time constraints; most rogue traders are discovered at an early stage with losses ranging from $1 million to $100 million, but a very few working out of institutions with extremely lax controls were not discovered until the loss had reached well over a billion dollars. The size of the loss is a reflection of the laxity in controls instituted at the firm and not the trader's greed. Contrary to the public perception, rogue traders do not have criminal intent to defraud his employer to enrich himself; he is merely trying to recoup the loss to make his firm whole and salvage his employment.
Some of the largest unauthorized trading losses were discovered at Barings Bank (Nick Leeson), Daiwa Bank (Toshihide Iguchi), Sumitomo Corporation (Yasuo Hamanaka), Allfirst Bank (John Rusnak), Société Générale (Jérôme Kerviel), UBS (Kweku Adoboli), and JPMorgan Chase (Bruno Iksil).
One way to remove money from a bank is to take out a loan, a practice bankers would be more than willing to encourage if they knew that the money will be repaid in full with interest. A fraudulent loan, however, is one in which the borrower is a business entity controlled by a dishonest bank officer or an accomplice; the "borrower" then declares bankruptcy or vanishes and the money is gone. The borrower may even be a non-existent entity and the loan merely an artifice to conceal a theft of a large sum of money from the bank. This can also seen as a component within mortgage fraud (Bell, 2010).
Fraudulent loan applications
These take a number of forms varying from individuals using false information to hide a credit history filled with financial problems and unpaid loans to corporations using accounting fraud to overstate profits in order to make a risky loan appear to be a sound investment for the bank.
Forged or fraudulent documents
Forged documents are often used to conceal other thefts; banks tend to count their money meticulously so every penny must be accounted for. A document claiming that a sum of money has been borrowed as a loan, withdrawn by an individual depositor or transferred or invested can therefore be valuable to someone who wishes to conceal the minor detail that the bank's money has in fact been stolen and is now gone.
Wire transfer fraud
Wire transfer networks such as the international SWIFT interbank fund transfer system are tempting as targets as a transfer, once made, is difficult or impossible to reverse. As these networks are used by banks to settle accounts with each other, rapid or overnight wire transfer of large amounts of money are commonplace; while banks have put checks and balances in place, there is the risk that insiders may attempt to use fraudulent or forged documents which claim to request a bank depositor's money be wired to another bank, often an offshore account in some distant foreign country.
There is a very high risk of fraud when dealing with unknown or uninsured institutions.
The risk is greatest when dealing with offshore or Internet banks (as this allows selection of countries with lax banking regulations), but not by any means limited to these institutions. There is an annual list of unlicensed banks on the US Treasury Department web site which currently is fifteen pages in length.
Also, a person may send a wire transfer from country to country. Since this takes a few days for the transfer to "clear" and be available to withdraw, the other person may still be able to withdraw the money from the other bank. A new teller or corrupt officer may approve the withdrawal since it is in pending status which then the other person cancels the wire transfer and the bank institution takes a monetary loss.
Bill discounting fraud
Essentially a confidence trick, a fraudster uses a company at their disposal to gain confidence with a bank, by appearing as a genuine, profitable customer. To give the illusion of being a desired customer, the company regularly and repeatedly uses the bank to get payment from one or more of its customers. These payments are always made, as the customers in question are part of the fraud, actively paying any and all bills raised by the bank. After time, after the bank is happy with the company, the company requests that the bank settles its balance with the company before billing the customer. Again, business continues as normal for the fraudulent company, its fraudulent customers, and the unwitting bank. Only when the outstanding balance between the bank and the company is sufficiently large, the company takes the payment from the bank, and the company and its customers disappear, leaving no-one to pay the bills issued by the bank.
Payment card fraud
Credit card fraud is widespread as a means of stealing from banks, merchants and clients.
A booster cheque is a fraudulent or bad cheque used to make a payment to a credit card account in order to "bust out" or raise the amount of available credit on otherwise-legitimate credit cards. The amount of the cheque is credited to the card account by the bank as soon as the payment is made, even though the cheque has not yet cleared. Before the bad cheque is discovered, the perpetrator goes on a spending spree or obtains cash advances until the newly-"raised" available limit on the card is reached. The original cheque then bounces, but by then it is already too late.
Stolen payment cards
Often, the first indication that a victim's wallet has been stolen is a phone call from a credit card issuer asking if the person has gone on a spending spree; the simplest form of this theft involves stealing the card itself and charging a number of high-ticket items to it in the first few minutes or hours before it is reported as stolen.
A variant of this is to copy just the credit card numbers (instead of drawing attention by stealing the card itself) in order to use the numbers in online frauds.
Duplication or skimming of card information
This takes a number of forms, ranging from merchants copying clients' credit card numbers for use in later illegal activities or criminals using carbon copies from old mechanical card imprint machines to steal the info, to the use of tampered credit or debit card readers to copy the magnetic stripe from a payment card while a hidden camera captures the numbers on the face of the card.
Some fraudsters have attached fraudulent card stripe readers to publicly accessible ATMs, to gain unauthorised access to the contents of the magnetic stripe, as well as hidden cameras to illegally record users' authorisation codes. The data recorded by the cameras and fraudulent card stripe readers are subsequently used to produce duplicate cards that could then be used to make ATM withdrawals from the victims' accounts.
Empty ATM envelope deposits
A criminal overdraft can result due to the account holder making a worthless or misrepresented deposit at an automated teller machine in order to obtain more cash than present in the account or to prevent a check from being returned due to non-sufficient funds. United States banking law makes the first $100 immediately available and it may be possible for much more uncollected funds to be lost by the bank the following business day before this type of fraud is discovered. The crime could also be perpetrated against another person's account in an "account takeover" or with a counterfeit ATM card, or an account opened in another person's name as part of an identity theft scam. The emergence of ATM deposit technology that scans currency and checks without using an envelope may prevent this type of fraud in the future.
Identity theft or Impersonation
Identity theft has become an increasing problem; the scam operates by obtaining information about an individual, then using the information to apply for identity cards, accounts and credit in that person's name. Often little more than name, parents' name, date and place of birth are sufficient to obtain a birth certificate; each document obtained then is used as identification in order to obtain more identity documents. Government-issued standard identification numbers such as "social security numbers" are also valuable to the fraudster.
Information may be obtained from insiders (such as dishonest bank or government employees), by fraudulent offers for employment or investments (in which the victim is asked for a long list of personal information) or by sending forged bank or taxation correspondence. Some fictitious tax forms which purported to have been sent by banks to clients in 2002 were:
- W-9095 Application Form for Certificate Status/Ownership for Withholding Tax
- W-8BEN Certificate of Foreign Status of Beneficial Owner for United States Tax Withholding
The actual origin of these forms is neither the bank nor the taxman – they are sent by potential identity thieves and W-8888 doesn't exist, W-9095 is also fictitious (the real W-9 asks much less info) and W-8BEN is real but may have been tampered to add intrusive additional questions. The original forms on which these fakes were based are intended to collect information for income tax on income from deposits and investment.
In some cases, a name/SIN pair is needed to impersonate a citizen while working as an illegal immigrant but often the identity thieves are using the bogus identity documents in the commission of other crimes or even to hide from prosecution for past crimes. The use of a stolen identity for other frauds such as gaining access to bank accounts, credit cards, loans and fraudulent social benefit or tax refund claims is not uncommon.
Unsurprisingly, the perpetrators of such fraud have been known to take out loans and disappear with the cash.
Prime bank fraud
The "prime bank" operation which claims to offer an urgent, exclusive opportunity to cash in on the best-kept secret in the banking industry, guaranteed deposits in "prime banks", "constitutional banks", "bank notes and bank-issued debentures from top 500 world banks", "bank guarantees and standby letters of credit" which generate spectacular returns at no risk and are "endorsed by the World Bank" or various national governments and central bankers. However, these official-sounding phrases and more are the hallmark of the so-called "prime bank" fraud; they may sound great on paper, but the guaranteed offshore investment with the vague claims of an easy 100% monthly return are all fictitious financial instruments intended to defraud individuals.
The fictitious 'bank inspector'
This is an old scam with a number of variants; the original scheme involved claiming to be a bank inspector, claiming that the bank suspects that one of its employees is stealing money and that to help catch the culprit the "bank inspector" needs the depositor to withdraw all of his or her money. At this point, the victim would be carrying a large amount of cash and can be targeted for the theft of these funds.
Other variants included claiming to be a prospective business partner with "the opportunity of a lifetime" then asking for access to cash "to prove that you trust me" or even claiming to be a new immigrant who carries all their money in cash for fear that the banks will steal it from them – if told by others that they keep their money in banks, they then ask the depositor to withdraw it to prove the bank hasn't stolen it.
Impersonation of officials has more recently become a way of stealing personal information for use in theft of identity frauds.
Phishing and Internet fraud
Phishing, also known as Internet fraud, operates by sending forged e-mail, impersonating an online bank, auction or payment site; the e-mail directs the user to a forged web site which is designed to look like the login to the legitimate site but which claims that the user must update personal info. The information thus stolen is then used in other frauds, such as theft of identity or online auction fraud.
A number of malicious "Trojan horse" programmes have also been used to snoop on Internet users while online, capturing keystrokes or confidential data in order to send it to outside sites.
Fake websites can trick you into downloading computer viruses that steal your personal information. Security messages are shown that tell you that you have viruses and need to download new software, by doing this you are tricked into downloading an actual virus.
Money laundering is the process by which large amounts of illegally obtained money (from drug trafficking, terrorist activity or other serious crimes) is given the appearance of having originated from a legitimate source.
Banking fraud by country
- Whoever knowingly executes, or attempts to execute, a scheme or artifice—
- (1) to defraud a financial institution; or
- (2) to obtain any of the moneys, funds, credits, assets, securities, or other property owned by, or under the custody or control of, a financial institution, by means of false or fraudulent pretenses, representations, or promises;
- shall be fined not more than $1,000,000 or imprisoned not more than 30 years, or both.
State law may also criminalize the same, or similar acts.
The Bank Fraud Statute was passed following the Supreme Court's decision in Williams v. United States, 458 U.S. 279 (1982), in which the Court held that cheque-kiting schemes did not constitute making false statements to financial institutions (18 U.S.C. § 1014). Congress responded by passing the Bank Fraud Statute (18 U.S.C. § 1344). Section 1344 has subsequently been bolstered by the Financial Institutions Reform, Recovery and Enforcement Act of 1989 (FIRREA), Pub. L. No. 101-73, 103 Stat. 500.
The Bank Fraud Statute criminalizes federally cheque-kiting, cheque forging, non-disclosure on loan applications, diversion of funds, unauthorized use of automated teller machines (ATMs), credit card fraud, and other similar offenses. Section 1344 does not cover certain forms of money laundering, bribery, and passing bad checks. Other provisions cover these offenses.
In the United States, consumer liability for unauthorized electronic money transfers on debit cards is covered by Regulation-E of the Federal Deposit Insurance Corporation. The extent of consumer liability, as detailed in section 205.6, is determined by the speed with which the consumer notifies the bank. If the bank is notified within 2 business days, the consumer is liable for $50. Over two business days the consumer is liable for $500, and over 60 business days, the consumer liability is unlimited. In contrast, all major credit card companies have a zero liability policy, effectively eliminating consumer liability in the case of fraud.
The Commonwealth Fraud Control Framework outlines the preventions, detection, investigation and reporting obligations set by the Australian Government for fraud control. The framework includes three documents called The Fraud Rule, Fraud Policy and Fraud Guidance
The Fraud Rule- is a legislative instrument binding all Commonwealth entities setting out the key requirements of fraud control.
The Fraud Policy- is a government policy binding non-corporate Commonwealth entities setting out the procedural requirements for specific areas of fraud control such as investigations and reporting.
The Fraud Guidance- preventing, detecting and dealing with fraud, supports best practice guidance for the Fraud Rule and Fraud Policy setting out the government's expectations for fraud control arrangements within all Commonwealth entities.
Other important acts and regulations in the Australian Government's fraud control framework include the:
- Crimes Act 1914, which sets out criminal offences against the Commonwealth, such as fraud
- Criminal Code 1995, which sets out criminal offences against the Commonwealth, such as fraudulent conduct
- Public Service Act 1999 and the Public Service Regulations 1999, which provide for the establishment and management of the Australian Public Service and its employees
- Proceeds of Crime Act 2002 and the Proceeds of Crime Regulations 2002, which provide for the confiscation of the proceeds of crime.
Famous bank frauds
- Gone in 60 Seconds (bank fraud) – led by Ara Keshishyan in Citibank ATMs.
Differences between Customer Accounts, Small Business Accounts, and Business Accounts
Consumer Bank Accounts
Consumer bank accounts are protected under federal law.
Banks have the option of doing fraud detection either in real time or once every 24 hours. Since personal accounts are the responsibility of the banks, fraud detection for personal accounts is usually done in real time.
Small Business Bank Accounts
Although Visa and MasterCard both claim Zero Liability on their respective websites for Small Business Accounts, in reality, each bank can choose if they want to or not want hold by the Zero Liability guarantee. If an account does not specifically say "Small Business Account", it must be assumed that standard business account liability applies.
Even if the account says "Small Business Account", one must check with their respective bank to determine how much liability the account has.
Banks have the option of doing fraud detection either in real time or once every 24 hours. If a bank puts the liability of the Small Business Account onto the customer, it should be assumed that fraud detection is done once every 24 hours. If a bank assumes the liability for fraud on a Small Business Account, fraud detection could either be in real time or once every 24 hours. It is best to check with your bank to determine how often fraud detection is done.
Business Bank Accounts
MasterCard and Visa do not provide liability protection for business accounts. Since fraud is the responsibility of the customer, and not the bank, one should assume that fraud detection is done once every 24 hours. Check with your bank to determine if a business account has real time fraud detection.
- Alfredo Sáenz Abad
- Baninter case
- Carding (fraud)
- Cheque fraud
- Mail fraud
- Mortgage fraud
- Nigerian 419 scam
- Taylor, Bean & Whitaker, top-10 U.S. wholesale mortgage lending firm that ceased business following multibillion-dollar fraud revelations
- Wire fraud
- United States Secret Service
- "Newsbank - The Sacramento Bee & Sacbee.com".
- "What is Bank Fraud?". wiseGEEK.
- "Home - JPMorgan Chase & Co.".
- Iguchi, Toshihide (April 2014). My Billion Dollar Education: Inside the Mind of a Rogue Trader. ISBN 978-988-13373-8-2.
- Bell, Alexis (2010). Mortgage Fraud & the Illegal Property Flipping Scheme: A Case Study of United States v. Quintero-Lopez.
- "ATM deposit automation, ATM deposit processing, envelope-free deposits". Carreker.com. Retrieved 2012-03-13.
- "New U.S. Birth Certificate Requirement". Bureau of Consular Affairs, U.S. Department of State. Retrieved 24 April 2014.
- "Types of banking fraud | ANZ". www.anz.com. Retrieved 2016-05-17.
- "Online fraud and scams - Australian Federal Police". www.afp.gov.au. Retrieved 2016-05-17.
- "Federal Deposit Insurance Corporation, Electronic Funds Transfers (Regulation-E)".
- "China Daily News, 2012-7-17, Shi Yingying, "Man wins full pay-out in bank card fraud"".
- Woods, Ian (1998). "FRAUD AND THE AUSTRALIAN BANKING INDUSTRY" (PDF). Australian Banker's Assosiation.
- Department, Attorney-General’s. "Fraud Control Framework". www.ag.gov.au. Retrieved 2016-05-17.
- Bankers Online
- Crimes of Persuasion
- US Securities and Exchange Commission
- US Code
- An Ukrainian bank’s humanity crime