Scam alert: 12 types of fraud to watch for
Published March 30, 2015 11:28 AM
|
Updated March 30, 2015 12:23 PM
1 Min Read
Fraud is a word no adviser wants to hear.
Advisers, particularly those who deal with a client's finances, may unwittingly abet a fraudulent scheme that victimizes their clients, or they may allow it to occur by not taking more diligent proactive safeguards.
Fraud can occur in a myriad ways, from email scams to identity theft to manipulation of investment valuations. Page through to see a dozen common frauds and ways advisers can help prevent them.
Fraud can occur in a myriad ways, from email scams to identity theft to manipulation of investment valuations. Page through to see a dozen common frauds and ways advisers can help prevent them.
1) Fake email scams
What can go wrong? A cybercriminal hacks into the email of an adviser's client and sends an email to the adviser that looks like it is coming from the client. The email asks the adviser to wire a large sum of money to an unfamiliar account for an extraordinary reason i.e. the client is stuck in another country and needs cash immediately. If the adviser proceeds with the transfer, thousands or even millions of dollars could potentially be stolen from the client.
Advisers should also be mindful of red flags, such as a request to wire money to someone or somewhere that the adviser doesn't have on record for the client.
How to fight it: Having proper controls in place surrounding wire transfers can help mitigate the risk of this type of fraud, says Todd Kesterson, director of Kaufman Rossin's family office services group. If an adviser receives a non-recurring wire transfer request, via fax or email, there should be a multi-step verification process, he says. For example, try to verify the request by calling the client, by asking for personal identifying information a PIN number, birth date, Social Security number answers to security questions, or verification by another person that the client has previously designated on the account.
Advisers should also be mindful of red flags, such as a request to wire money to someone or somewhere that the adviser doesn't have on record for the client.
How to fight it: Having proper controls in place surrounding wire transfers can help mitigate the risk of this type of fraud, says Todd Kesterson, director of Kaufman Rossin's family office services group. If an adviser receives a non-recurring wire transfer request, via fax or email, there should be a multi-step verification process, he says. For example, try to verify the request by calling the client, by asking for personal identifying information a PIN number, birth date, Social Security number answers to security questions, or verification by another person that the client has previously designated on the account.
2) Online ID theft
What can go wrong? Data breaches at the adviser's office can result in an unauthorized transfer of confidential and personal information.
How to fight it: Password-protect all computers and mobile devices that are used to access client files, says Becky Frost, senior manager of consumer education for security firm Experian's ProtectMyID product. Computers should also have up-to-date antivirus and anti-malware software as well as firewall protection, Frost says. When working remotely, always use a secured Internet connection. Public Wi-Fi networks are typically unsecured, and are breeding grounds for thieves to steal your clients' sensitive information.
How to fight it: Password-protect all computers and mobile devices that are used to access client files, says Becky Frost, senior manager of consumer education for security firm Experian's ProtectMyID product. Computers should also have up-to-date antivirus and anti-malware software as well as firewall protection, Frost says. When working remotely, always use a secured Internet connection. Public Wi-Fi networks are typically unsecured, and are breeding grounds for thieves to steal your clients' sensitive information.
3) Improper charging of performance or management fees
What can go wrong? The asset manager could mischarge management or performance fees, misappropriating your clients' assets.
How to fight it: As a part of due diligence, advisers should make sure fund managers have controls in place to make sure calculations of management and performance fees are being executed in accordance with offering memoranda, says Adam Weisman, a partner with Deloitte Financial Advisory Services. There should also be an independent review of the fee calculations before the fees are paid by the fund, Weisman says.
How to fight it: As a part of due diligence, advisers should make sure fund managers have controls in place to make sure calculations of management and performance fees are being executed in accordance with offering memoranda, says Adam Weisman, a partner with Deloitte Financial Advisory Services. There should also be an independent review of the fee calculations before the fees are paid by the fund, Weisman says.
4) Stuck in a Ponzi scheme
What can go wrong? A financial adviser who unintentionally directs client funds into a Ponzi scheme could potentially cost his client millions of dollars. In the case of Bernie Madoff, orchestrator of the largest Ponzi scheme in history, a total of $65 billion was taken from unsuspecting investors. Although the Madoff case is the most well-known, smaller Ponzi schemes are uncovered regularly.
How to fight it: Financial advisers can offer to perform proper due diligence to help prevent this type of fraud, Kaufman Rossin's Kesterson points out. Due diligence might include verifying that the fund manager has dependable and reputable service providers a third-party administrator, for instance, and annual audits from a CPA firm with investment expertise.
Financial advisers should be aware of red flags, such as a lack of transparency in a fund manager's investment strategy or consistently high returns and growth of assets, regardless of market performance.
How to fight it: Financial advisers can offer to perform proper due diligence to help prevent this type of fraud, Kaufman Rossin's Kesterson points out. Due diligence might include verifying that the fund manager has dependable and reputable service providers a third-party administrator, for instance, and annual audits from a CPA firm with investment expertise.
Financial advisers should be aware of red flags, such as a lack of transparency in a fund manager's investment strategy or consistently high returns and growth of assets, regardless of market performance.
5) Tax data theft
What can go wrong? Identity thieves can make money by filing false returns or by stealing personal information off of tax documents to commit identity theft. Financial advisory firms are ripe with this information during tax time, making them a target.
How to fight it: Advisers need to establish steps to protect sensitive tax forms, says Experian's Frost.
Make sure that all company computers used by advisers are protected with up-to-date antivirus and antimalware software, a firewall and are password protected. All company computers should also use a private/secure network connection for all online activity, Frost says, and not a public Wi-Fi network.
Advisers should also educate clients about the IRS-issued PIN available to eligible tax filers to prevent the misuse of a Social Security number on fraudulent federal income tax returns. And never leave envelopes or documents in an unsecured location open to others such as in a car or on a desk.
How to fight it: Advisers need to establish steps to protect sensitive tax forms, says Experian's Frost.
Make sure that all company computers used by advisers are protected with up-to-date antivirus and antimalware software, a firewall and are password protected. All company computers should also use a private/secure network connection for all online activity, Frost says, and not a public Wi-Fi network.
Advisers should also educate clients about the IRS-issued PIN available to eligible tax filers to prevent the misuse of a Social Security number on fraudulent federal income tax returns. And never leave envelopes or documents in an unsecured location open to others such as in a car or on a desk.
6) Manipulated investment valuations
What can go wrong? Investment managers could misstate NAV and performance metrics by manipulating investment valuations.
How to fight it: Use third-party valuation firms to check the fund managers, counsels Deloitte's Weisman. Make sure controls are built into the valuation process requiring that the valuations are performed consistently each period, are absent bias and are based on appropriate valuation methodologies.
How to fight it: Use third-party valuation firms to check the fund managers, counsels Deloitte's Weisman. Make sure controls are built into the valuation process requiring that the valuations are performed consistently each period, are absent bias and are based on appropriate valuation methodologies.
7) 'Pump & dump' market manipulation
What can go wrong? Stock promoters issue false reports or claims (often in social media, forums or chat rooms) to inflate the price of certain stocks, typically microcaps; investors act on those reports creating a demand for the shares which increases the stock price; and the promoters then dump their shares, causing the stock price to plummet.
How to fight it: Financial advisers need to conduct enhanced due diligence on the issuers of these types of stock offerings before making recommendations to their clients, Kesterson says. Advisers and their clients should be careful not to trade on rumors or hearsay and call the investor relations department of a company directly to verify claims about stock prices.
How to fight it: Financial advisers need to conduct enhanced due diligence on the issuers of these types of stock offerings before making recommendations to their clients, Kesterson says. Advisers and their clients should be careful not to trade on rumors or hearsay and call the investor relations department of a company directly to verify claims about stock prices.
8) Phishing scams
What can go wrong? Thieves use personal manipulation in order to gain information through phishing scams. These scams are meant to trick clients into giving away valuable personal information by posing as a legitimate institution like a financial advisory firm.
How to fight it: Educate your clients about phishing scams, Frost suggests. Inform clients that legitimate advisers, financial institutions and government agencies never ask for personal identifying information this way.
Tell clients to think twice before clicking on links in suspicious emails or calling the number listed in the email. Rather, they should instead go directly to an institution's website and call the customer service number.
How to fight it: Educate your clients about phishing scams, Frost suggests. Inform clients that legitimate advisers, financial institutions and government agencies never ask for personal identifying information this way.
Tell clients to think twice before clicking on links in suspicious emails or calling the number listed in the email. Rather, they should instead go directly to an institution's website and call the customer service number.
9) Improper allocation of expenses to funds
What can go wrong? Fund managers may allocate costs inappropriately. Be on the lookout for expenses that are not benefiting funds, are not incurred on behalf of the funds or are improperly allocated among a set of funds.
How to fight it: Through due diligence, advisers should make sure that the fund has clear and concise criteria for determining which expenses are appropriately allocatable to the funds and, conversely, which expenses cannot be allocated to the funds, says Weisman. The fund manager should also set rules and guidelines for determining how allocatable expenses are distributed among the funds. In addition, the criteria should ensure there is no bias in the allocation process.
How to fight it: Through due diligence, advisers should make sure that the fund has clear and concise criteria for determining which expenses are appropriately allocatable to the funds and, conversely, which expenses cannot be allocated to the funds, says Weisman. The fund manager should also set rules and guidelines for determining how allocatable expenses are distributed among the funds. In addition, the criteria should ensure there is no bias in the allocation process.
10) Rouge trading
What can go wrong? An employee who is authorized to make trades on behalf of a firm tries to boost profits for the firm by trading securities without proper approval. One example is Nick Leeson, who was a derivatives trader at the Singapore office of Britain's Barings Bank and made unauthorized investments that resulted in $1.3 billion in losses, eventually bankrupting his employer. He was charged with fraud and served time in a Singapore prison.
How to fight it: While technology can be used to help prevent this type of fraud, companies shouldn't rely solely on IT systems to detect rogue trading, says Kaufman Rossin's Kesterson. Rather, he says, managing this risk requires a company's senior leaders to implement appropriate policies and procedures surrounding internal controls. Top management must also foster an organizational culture that clearly communicates ethical standards, rewards desired behaviors, emphasizes accountability and closes any gaps between policy and practice.
How to fight it: While technology can be used to help prevent this type of fraud, companies shouldn't rely solely on IT systems to detect rogue trading, says Kaufman Rossin's Kesterson. Rather, he says, managing this risk requires a company's senior leaders to implement appropriate policies and procedures surrounding internal controls. Top management must also foster an organizational culture that clearly communicates ethical standards, rewards desired behaviors, emphasizes accountability and closes any gaps between policy and practice.
11) Misappropriation of funds by staff
What can go wrong? A back-office staffer creates false entries in the books and records of the advisory firm, causing the firm to pay money to the undeserving staff member. For example, an employee could create a fictitious adviser's account and direct a very small percentage of overall commissions or false expense reimbursements into it. Over time, these small payments could add up to tens of thousands of dollars.
How to fight it: Implement policies and procedures to review and approve all book entries, particularly for new representatives, says Kesterson. Segregate duties related to critical financial functions, rotate employees who hold these key responsibilities on a periodic basis and require key people to take vacation and then identify and train backups for these roles.
Ideally, no one person at the firm should be the sole individual responsible for more than one of the following functions in the same process: creating and authorizing new entries, disbursing funds and performing reconciliations.
How to fight it: Implement policies and procedures to review and approve all book entries, particularly for new representatives, says Kesterson. Segregate duties related to critical financial functions, rotate employees who hold these key responsibilities on a periodic basis and require key people to take vacation and then identify and train backups for these roles.
Ideally, no one person at the firm should be the sole individual responsible for more than one of the following functions in the same process: creating and authorizing new entries, disbursing funds and performing reconciliations.
12) Developing scams
Of course, the list of fraud schemes is never complete; scammers are constantly developing new ways to part your clients from their money.
Consequently, it is not sufficient "to attempt to create on/off controls to specific known risks," says Deloitte's Weisman.
Rather, approach your fraud defenses holistically, he says. He recommends proper design, implementation, execution and monitoring including "a systematic process for identification of fraud risks and schemes through effective company-wide fraud brainstorming performed at least annually."
Consequently, it is not sufficient "to attempt to create on/off controls to specific known risks," says Deloitte's Weisman.
Rather, approach your fraud defenses holistically, he says. He recommends proper design, implementation, execution and monitoring including "a systematic process for identification of fraud risks and schemes through effective company-wide fraud brainstorming performed at least annually."
