Download presentation
Presentation is loading. Please wait.
Published byLaura Wheeler Modified over 8 years ago
1
Wire Fraud Prevention Training: Setting Your Organizational Structure to Mitigate Fraud Risk and Comply with Regulatory Expectations Presented by: Terri Sands, CAMS, AAP, At-Risk Adult Crime Tactics (ACT) Specialist Supporting Safe & Secure Payments Risk Management
2
Review of Wire Transfer System Significant Operational Components Removing Operational Inefficiencies Building An Effective Wire Transfer Organizational Structure Questions AGENDA
3
Review of Wire Transfer System Supporting Safe & Secure Payments Risk Management
4
Wire Transfer Review Wire Transfer – an electronic transfer of funds from one bank account to another that is: – a credit only transfer delivery system; – Is instantaneous; – Is a same day payment mechanism for large dollar transactions; – is irrevocable once originated. 4
5
Wire Transfer Flow 5 Originator sends payment order Originator’s Bank verifies “good” funds before transmission Federal Reserve settles immediately Beneficiary Bank Beneficiary may receive immediate use of funds Wire transfer is a same day, irrevocable, credit only payment system.
6
Significant Operational Components to Remove Inefficiencies, Enhance Risk Management and Mitigate Fraud Events Supporting Safe & Secure Payments Risk Management
7
Agreements Approval Authentication System Controls Compliance Funds Validation OFAC Validation Fees/Waiving of Fees Posting 7 Significant Operational Components
8
Agreements Prior to sending a wire transfer, there needs to be an agreement in place that covers TYPE of Wire Transfer: In-Person Wires – Agreement is Terms and Conditions (UCC4A should be outlined in the terms and conditions agreement. Faxed/Emailed – Funds Transfer Agreement and Authorization Signed by Customer with agreed upon Security Method. Cash Management Agreement – Cash Management Agreement signed by Customer with agreed upon Security Method used for sending wire transfers using the Cash Management System. 8
9
Approvals Approvals required for sending a Wire Transfer: Authorization for Sending Amount of Wire Authorization for Sending Wire for Uncollected Funds Authorization for Exceptions (i.e. sending a wire without an approval). Authorization for Waiving a Wire Fee NOTE: Authorization Approvals are normally a part of the Financial Institution’s Authorization Limits Policy which is approved by the Board of Directors. 9
10
Authentication Based on FFIEC Guidance, Authentication must be in place for sending wire transfers: Determine method of Authentication and where the Authentication procedure will occur: System Validation (i.e. authentication systems, text validation, voice recognition validation) Call Backs Fax Validation Token Validation PC Specific Validation 10
11
Authentication Authentication is not just about THE initiation of the wire transfer but what activity occurs before the wire request. Fraud happens sooner than at the end of the transaction (at point of origination). Social engineering attacks are on the increase so do you know where the request was originated? It is equally as important to authenticate requests based on the following: Changing information on the CIF (a fraudster will wish to change the contact for authenticating the wire transfer) Requests through emails that are forwarded (every link of the chain needs to be authenticated) Only those in the trusted environment should authenticate 11
12
System Validation Based on FFIEC Guidance, controls should be set within the wire transfer system (you need to verify these are set): Domestic wire validation – dual control forced within the system to ensure two different individuals submit/approve International wire validation – dual control forced within the system to ensure two different individuals submit/approve Collected funds validation – forced within the system to validate collected funds ONLY if it is preset. OFAC Validation – forced within the system when funds are originated and received. 12
13
Compliance Procedures Based on Dodd-Frank Remittance Transfer Act 1073, the following procedures should be in place for Consumer International Wires: 30 minute wait for sending wires to ensure enough time in consumer decision to send the transfer; Disclosures required to be provided for consumer wires; Entering amount information and fees for sending the wire transfer; Error resolution for unauthorized wire transfers. 13
14
Funds Validation Based on FFIEC Guidance, controls should be set within the wire transfer system to validate GOOD funds for Outgoing Wires: Good funds – you must define GOOD funds. This could be Available or Collected but should be set within your system. Fund Validation should be built within the system to verify at the point of origination. If Collected or Available funds are not in the account at point of origination, you should obtain appropriate approval (i.e. unsecured lending authority). 14
15
OFAC Validation Determine point of OFAC Validation: Manual OFAC Validation – not as effective and could result in significant operational/compliance/reputational risks. OFAC Validation within Wire Transfer System – must be performed at point of origination and point of receipt. Important Controls – Determine how often OFAC validation is tested and if financial institution has a backup for OFAC Validation. 15
16
Fee Posting and Waiving Procedures Posting of Fees – fees should be in place for Incoming and Outgoing Wires (some FI’s do not charge for incoming); Fee Waiver – determine if the fee waiver is tied to specific authorities (i.e. only certain account officers may be able to approve a waiver). Important Factors: – Unfair and Deceptive Business Practices – Documentation of Fee Waivers is a significant control – Ensure fees are correctly entered into system (is there dual control in set up of wire fees such as analysis, what controls are in place for those fees outside of analysis accounts?) 16
17
Posting Procedures for Incoming wire postings Deadline to post wire transfer Duplicate postings Credit to General Ledger (system or manual) Outgoing wire posting offset Deadline for sending wires Duplicate or erroneous wire transfers Debit to General Ledger 17
18
Removing Inefficiencies to Strengthen Fraud Mitigation Supporting Safe & Secure Payments Risk Management
19
Inexperienced Staff/Untrained Staff or Staff not Willing to Be Risk Focused Weak “Non- Rules Based” System Broken Process Flows (easy for fraudsters to break through these flawed process walls) Operational Inefficiencies and High Risk Wire Transfer Program 19
20
Inexperienced Staff Items to Consider when Determining Level of Knowledge: Length of time in the any area that is involved in Wire Transfer Program; Training for Individuals with Approval Authority (sending wires, approving uncollected wires, waiving fees); Training for individuals responsible for changing CIF related information; Training for Individuals that send and/or receive wires; Training for individuals approving exception items within the Wire Transfer Program; Frequency of training that is required for performing any wire transfer activity. 20
21
Weak Non-Rules Based Wire Transfer System Items to Consider when Determining Strength of System: Automatic OFAC’ing of outgoing and incoming wire transfers; Forced dual control within the system (submit/approve); Exposure limit offering on cash management system; Funds verification within the system at point of origination; Dodd-Frank compliance through international wire transfer module (i.e. disclosure delivery); BSA system integration of daily outgoing and incoming wire transfers. 21
22
Broken Process Flows Items to Consider when Determining Strength of Process Flows: Approvals that occur in the back office; Risk management decisions made by individual with little knowledge of wire transfer risks; Approvals made by individuals with little to no knowledge of wire transfer risks; No continuity procedures between departments; No continuity between individuals with specific system knowledge 22
23
Building an Effective Wire Transfer Organizational Structure Supporting Safe & Secure Payments Risk Management
24
Organizational Components Effective Organizational Structure 24 Approvals (Individuals with Risk Based Knowledge of What They are Approving and why) Agreements and Cash Management Set Ups (Front Line Responsibility and Quality Control Verification) Quality Control (Authentication and Approval Verification for wire transfer) Wire Transfer Processing (Rules Based Systems and Dual Control Verification) Quality Control Compliance (System and Employee Verification)
25
Process Flow for Outgoing Wires Outgoing Wire Transfer Process 25 Completion of Wire Transfer Form and Dual Control Verification of Identity Approval of Wire Transfer Amount Quality Control of Documentation and Authentication Validation and Determination of Recent CIF Changes Wire Transfer Key entering and Dual Control Funds Verification Compliance Procedures (Dodd-Frank 1073) Funds and OFAC Verification Fees (built within the system or manual input and Waived Fee Approvals) Wire Origination under forced system dual control
26
Process Flow for Incoming Wires Incoming Wire Transfer Process 26 Notification of Incoming Wire Transfer OFAC VerificationFee Posting Fees (built within the system or manual input) Posting of Wire Transfer based on Funds Availability Schedule
27
27 Supporting Safe & Secure Payments Risk Management
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.