Clari5: Breaking an Unholy Nexus. Combatting Related Party Transaction Fraud in Banks
Posted: 7 June 2019 | Author: Naresh Kurup | Source: Clari5
Increasing instances of related party transactions (RPT) fraud in banks seem to be making the old ‘blood is thicker than water’ saying truer by the day.
Several high-profile cases in the recent past seem to be having a common thread – RPT. RPTs have also been a source of concern for regulators because of inappropriate and inadequate monitoring of RPT transactions, besides non-disclosures.
RPTs typically involve an executive who has an undisclosed financial interest in another entity. In one case, the chairman of a state retirement system ensured $65 million in pension funds was invested in a savings and loan company he partially owned. Regulators subsequently seized the S&L company and the investment was lost. The pension fund auditors had no knowledge of the connection.
RPTs often elude easy detection. In certain cases, one can cross-reference the client’s key personnel to corporate records maintained by the state in which the company was formed. If a client’s officers are also listed as officers of another corporation, a detailed check may probably reveal an RPT.
Not very long ago, an Irish bank was fined €1.4 million for issuing loans to related parties. The bank had failed to obtain necessary approvals from its related party lending committee before granting loans to related parties and extended the maturity on 12 separate occasions for 5 existing loans.
To avoid restrictions from central and federal authorities, certain financial institutions are tempted to ‘creatively’ structure entities and transactions. There are also situations where banks have to combat a perception of nepotism, given high profile corporate entities and stakeholders involved.
Despite the intent to maintain clean books, certain banks hesitate to disclose RPTs partly to avoid the time and effort of regulatory scrutiny. As a result, they end up using ‘innovative’ practices to keep certain RPTs off the radar.
RPTs generally tend to be higher in corporate accounts of family-run businesses. Ties are closer between the financial institution and family run businesses, but there are several instances where banks have failed to draw the line between policy/process adherence and customer relations. Also, large family-run business houses are already vulnerable to perceptions of preferential treatment by financial institutions.
The onus of not allowing conflicts of interest impair the bank’s contracts and overall governance is on the bank’s management and auditors.
Most of the admired and well-run financial institutions have a strict policy for disclosure of RPTs, are transparent about exposures and publish declarations in public domain. Proxy statements, disclosures, tax filings, insurance policies, and contracts/agreements are some of the sources which auditors use to find evidence of undisclosed related parties. Failure to disclose RPTs is actually a misstatement that should be highlighted in audit reports.
When it comes to collusion and willful economic offence, it is essential to first examine the bank’s risk management and governance framework, the nature and quantum of RPTs and indicators that differentiate genuine RPTs from potentially fraudulent ones.
Some common related party fraud examples in banks are:
- Lending at an interest rate that is significantly below market rate
- Granting loans with no scheduled terms of repayment
- Non-recourse advances to shareholders
- Issuing lines of credit to borrowers who cannot repay
- Hastily writing off loans as uncollectible
There are more sophisticated ways of circumventing processes and controls and large frauds can lie undetected for years together in certain well-concealed scams.
Being the custodians of ‘trust’, the primary responsibility for preventing financial fraud in banks lies with the banks. While internal auditors identify potential red flags, the bank’s fraud risk assessment must include closer examination of RPTs.
Dispassionate reviews must also weigh evaluations of unusual financial trends and relationships identified from analytical procedures and techniques, keeping in mind the risk of management's override of controls.
Banks can do more to further fortify existing processes and control for prevention and timely detection of RPT fraud. Controls should be internal, external, as well technology-based. Integrating an intelligent anti-fraud technology solution in the overall risk management framework and process helps banks monitor RPTs to detect anomalies.
A key feature of smart AI-based anti-fraud technology solutions is early warning signals, but then no one signal must be seen in isolation. It must be seen contextually with insights from across all channels across the banking enterprise. Also, the presence of signals does not necessarily mean that there actually is an incidence fraud. In the event of fraud, multiple signals appear together.
An AI-based anti-fraud technology solution already has cross-channel coverage across online, mobile, branches, alternate delivery channels and business products; real-time transaction monitoring to detect fraud during transaction authorization within the transaction window itself; entity link analysis to analyze relationships between internal and/or external attributes to detect collusive activities or misuse.
AI-based fraud detection solutions also help banks conduct fund flow analytics in real-time to detect inappropriate loan arrangements. These solutions also have sophisticated algorithms that routinely and automatically review account activities and continuously update changing customer data.
These solutions usually use a blend of AI/ML, Real-time Decisions and Automation technologies for detecting RPT fraud, namely -
- Machine Learning powered Intelligence: Predictive scoring using trained ML models, scenario/pattern discovery, pattern intelligence from cross-institutional analysis, machine intelligence from low-data density environments.
- Real-time Decisions: Real-time decisions of transactions using ML fueled intelligence and known patterns, decisions that are explainable and traceable.
- Investigation Automation: Red-flags & specific additional due diligence processes are automated using RPA, especially for decisions that need more information beyond the enterprise boundaries.
By regularly monitoring transactions, alerting suspect or anomalous transactions, and seeking timely justification for RPTs, financial institutions can control potentially massive damage. Ultimately, beyond all the audits and advanced technology, prompt and diligent scrutiny of early warning signals by the bank and acting decisively on them is by far the best deterrent for RPT fraud.
- Role of Related Party Transactions in Fraudulent Financial Reporting - University of Miami
- Related-Party Transactions: Think like an Auditor - OnTarget CPA
- Fraud and Related Party Transactions - Jonathan T. Marks