Preventing Fraud: Institutional Cash Management & Custody

With the ever-present risk of banking fraud and phishing scams targeting institutions' assets, we spoke with UMB Bank about the types of fraud insurers and risk pools should be aware of, as well as the best ways to safeguard their assets.

John Weasler | SVP, Manager, Business Development | UMB Bank
john.weasler@umb.com

SAA: For institutional cash management / custody clients, such as insurers or public entities, what types of fraud are they most prone to? Are these types of fraud common for insurers?

UMB: For businesses, there are many types of fraud threats to consider. Four types of fraud have grown to pose a significant threat.

Asset Misappropriation:
This targets the most common type of fraud, where an employee steals cash or other assets through deceitful means. According to the Association of Certified Fraud Examiners (ACFE), more than 86% of all internal fraud schemes involved an asset misappropriation element, and the median loss from an asset misappropriation was $100,000. Asset misappropriations are commonly detected through employee monitoring or through internal controls like segregation of duties, account reconciliation, and independent verification of data.

Business Email Compromise (BEC):
A growing problem and a critical vulnerability in many organizations. This scam accesses company information through methods like phishing, social engineering, email and social media account spoofing, and malware, and it can involve vendors, billing systems, and online message traffic. The goal of BEC is to deceptively impersonate an associate or customer and fraudulently reroute payments or steal private information for financial gain.

Social Engineering:
The psychological use of deception, manipulation, and trickery to influence a target to go outside of normal security protocols to divulge information for nefarious purposes by a fraudster. Fraudsters can ask a user to give up a login and password, to change banking information, or to send a confidential business file because it was recently “lost” by accident. The list of potential requests can seem endless. The medium used to begin the deception can include multiple communication channels, including in person, by email, in a text, via an app, on social media or over the phone.

With even minimal access to one employee’s account (like getting the victim to click on a malicious online message link), fraudsters may secretly install malicious software that will give them even more access to passwords and bank information. Fraudsters use social engineering tactics because it is usually easier to exploit your natural inclination to trust than it is to discover ways to hack your software.

Insider Fraud:
Insider Fraud relies on accessing your valuable digital resources. However, you need to know who they are, what they’re doing, and if resources have been compromised. The factors that cause a person to commit fraud can include:

  1. Perceived financial need or stressor
  2. Opportunities to execute the fraud (authority, access and business knowledge)
  3. Rationalization that enables the person to reconcile the situation within their own mind or values (i.e. thinking the person is just borrowing money for a short time)

SAA: What is top of mind for insurers and government risk pools today in preventing fraud?

UMB: Safeguarding our clients’ assets is critical to our work at UMB. Our teams have seen a rise in fraud attempts—particularly of business email compromise (BEC). BEC is a type of phishing attempt in which the objective is to impersonate a trusted person and make a fraudulent request. For clients who communicate instructions to their custodian, asset manager, or other financial institutions, BEC is downright scary.

Business Email Compromise (BEC) Prevention:

  • Implement multi-factor authentication as a best practice and establish check and balance procedures for payments and sensitive information requests. For UMB clients, we highly recommend initiating wires from our secure platform, UMB Direct, instead of via manual or written communication methods.
  • Train employees to question and escalate suspicious emails before clicking links, downloading files or replying
  • Be on the lookout for internal requests that are unusual and often pressing for payments or data exports outside of normal procedures

Social Engineering Prevention:

  • Maintain strong email, virus protection, and overall IT security protections on all electronic devices, especially smartphones
  • Set your operating system to update automatically
  • Use an anti-phishing tool offered by your web browser or third party to alert you to risks
  • Educate and train employees to identify red flags such as pressure, urgency, and nonstandard communications and then escalate for additional review before approving, changing, or sending anything
  • Establish procedures giving employees a known “way out” so they can always halt an uncomfortable conversation or raise red flags
  • Verify the identity of the person you are talking with. When in doubt, communicate with the purported individual on your terms; email them something if they want to use the phone, or ask them to verify something you know would only be known to them, such as an invoice number

SAA: If a client experiences fraud or is compromised, what are the recommended steps to mitigate the impact?

UMB: We recommend clients take the following steps upon realizing they have been the victim of fraud, particularly when it may include financial loss:

  • Immediately contact local law enforcement and the Internet Crime Complaint Center of the FBI (www.ic3.gov) to recover the missing funds.
  • Inform UMB of the situation (if and when UMB accounts may be involved). UMB will then attempt to contact other banking institutions involved to request the return of the funds
  • Clients may elect to hire third-party cybersecurity experts to investigate and remediate the incident or an incident response management firm to monitor their activity. It is important to ensure that the incident or loss has been contained and that system access is no longer compromised.

Source: Strategic Asset Alliance, UMB. The information contained herein has been obtained from sources believed to be reliable, but the accuracy of information cannot be guaranteed.