According to the Material Loss Review, the failure of the credit resulted in an estimated loss of $39.5 million to the NCUSIF.
The IG determined that the failure was due to the misappropriation of $42.2 million in cash, due to fraud. The credit union's former CEO concealed the losses by understating member share balances, primarily share certificates, on the financial statements. The embezzlement occurred unabated for almost 20 years.
The IG noted that the lack of segregation of duties and dual control allowed the former CEO to perpetrate and conceal the fraud. The former CEO possessed all of the following:
- Access to official credit union checks, which enabled him to alter the physical records of credit union checks;
- "Super-user" access to the credit union's accounting system, which enabled him to alter both the check payee information and file maintenance reports, which concealed this action; and
- Sole responsibility for financial reporting, which gave him the ability to prepare fraudulent financial statements.
In addition, if dual controls had been in place, credit union staff could have discovered the former CEO’s embezzlement long before they eventually discovered it.
Furthermore, the IG report noted that to perpetrate the fraud, the former CEO needed a reliable source of funds. The former CEO had authority to set interest rates on share certificates. For example, the former CEO set the interest rate on one-year share certificate at 3.1 percent as of December 31, 2018, which was significantly above the market rate of approximately 1.3 percent. Despite these above-market rates, the credit union reported approximately $3.5 million in share certificates at the end of 2018. This small dollar amount of share certificates given the above-market rates should have triggered questions among the examiners; but the IG found no evidence of this in their Examination Report.
Moreover, the IG concluded that the supervisory committee audits and member account verification procedures were unacceptable.
The IG made two recommendations, which National Credit Union Administration management agreed with. Management should:
- "revise examination procedures to prioritize assessing and developing a risk response for credit unions that do not segregate certain key duties and that require dual controls. These revisions should include a framework that examiners can complete an assessment of those characteristics that indicate lack of segregation of duties at a credit union and additional procedures that examiners should perform when a lack of segregation of duties is apparent"; and
- "amend guidance related to member account verifications. Specifically, the amended guidance should require reconciliation from the print processor to the share and loan subsidiaries when a statement verification is performed."
No comments:
Post a Comment