Banking: A Culture of Culpability
I recently read an article published by CNBC on bank fraud. Normally, I glance right over these pieces and keep it moving. After spending over a decade working in the retail banking industry, fraud is just one of those topics that turns my stomach quicker than bad sushi. For starters, it was something that we encountered on a near daily basis, sometimes multiple customers back to back with similar issues all ranging from compromised debit cards to fraudulent checks and ACH withdrawals. Secondly, everyone who writes an article on bank fraud and all of the ways to protect yourself are usually just parroting a Suzie Ormon article they read a few years ago and have never actually been a victim of said fraud, perpetrated it themselves or had to spend countless hours of their own time and bank resources to help resolve the issues that stem from it.
But when I noticed that Frank Abagnale was a contributor for the article, my antennas immediately went up. I have included a link to the article below, but if you are not aware of whom this is, hopefully you have watched or at least heard of the movie, “Catch Me If You Can.” Leonardo DiCaprio plays the part of Frank Abagnale, a young man who becomes a master in the world of bank fraud and deceit. He was ultimately caught and placed in prison for his crimes, but now helps to consult on how others can protect themselves from the new age versions of himself. With an impressive resume like that, I was intrigued to hear his point of view on some of the issues that I witnessed firsthand while simultaneously calming frantic customers who found their bank accounts drained of anywhere from hundreds to tens of thousands of dollars.
The first point Mr. Abagnale makes in this article is 100% true — from one perspective anyway — and that is how all of our modern advancements in technology have made it exponentially easier for identity thieves and scam artists to steal our sensitive personal information. Whether you access your bank accounts online all the time from any device over whatever secured or unsecured connection you can find, only check from the safety of your own home, or don’t even know how to turn a computer on makes no difference to these relentless pariahs. Sure, some of those activities will make you more susceptible than others, but at the end of the day the information an identity thief needs to create an online profile for you with your banking institution of choice is not nearly as much as you might think and can be readily accessed in many ways. In order to enroll in online banking services at most major financial institutions all one needs to have is:
-An email address:Guess what? It doesn’t even have to be your email address! If you have never signed up for online services, or are the type of person who either does not have an email address or refused to provide it to your bank when you opened an account or when they updated their records, the hackers and thieves are starting with a clean slate and the bank system will have no way of knowing that the person trying to set up an online presence is not actually you.
-Bank account number:If you are not utilizing online banking, or you are but still prefer those “paper” statements, this piece of information can easily fall into the wrong hands. Just think about how many times you may not have received a piece of mail, particularly a bank or credit card statement, and either blamed the issuer or the postal service. But just what if that statement was sent, and the postal service delivered it to the wrong mailbox, one that belongs to someone with malicious intent. Or it made it to your mailbox and was taken out before you got home by a calculating criminal who already stumbled upon some of the other pieces of the puzzle needed to wipe out your accounts.
-Social Security number (or sometimes only last 4): Some of us protect this information like gold, others take very intimate and private phone conversations in very public spaces with no thought for the consequences thanks to the prevalence of cellphones. Even if you are just keying the information in on the number pad instead of speaking it out loud there are ways to recognize the different tones each key makes, or one could merely look over your shoulder as you are doing it. Scammers are also very good at calling you or sending letters in order to try and obtain this information via fake sweepstakes and the likes. And if you are rolling your eyes thinking no one can be that stupid, I assure you I have assisted many college educated folks who in a moment of weakness or gullibility fell victim to exactly this type of rouse and were forced to scramble on damage control.
-Date of birth: Probably the least sensitive and guarded of all of your personal information and there are so many ways that this can be obtained that I will not even waste time on it. If someone can get your bank account number and social security, your DOB is a walk in the park. Knowing this, I find that the exact opposite of Mr. Abagnale’s statement can also hold true. The access to technology can also help consumers protect themselves far better than they were able to in the past as well. Back in the 1960’s, consumers had no choice but to wait until their monthly bank statements were mailed out before they could balance that good old check book and ensure the accuracy of the transactions. If someone had committed fraud against the account on the 1st of the month, they would not find out until around the 7th to 15th of the following month. This allows for over a month of the illicit activity to continue, all the while the bank account in question is getting drained. In the process, legitimate checks the client is writing are in danger of getting returned due to insufficient funds, thus wreaking havoc across every aspect of their financial life.
An ounce or prevention is worth a pound of cure.
As it relates to banking and fraud, this is equivalent to Bible’s Golden Rule. Even if you are not comfortable paying your bills online (a fear we will debunk shortly), simply logging in on a daily basis to check your balance and review any transactions that seem out of place will put you in a far better position to catch fraud as soon as it happens and be reimbursed immediately. Thanks to Federal regulations, banks must reimburse you for any and all electronic fraud against your account (bill payments, debit card, ACH withdrawals) in a timely fashion so long as they are notified within 60 days of the infraction. If you think back to the scenario where you are waiting for a bank statement, you could have possibly just squandered 30–45 days of that window. If that doesn’t make you feel better about the benefits of online banking, maybe the following topic will.
When Mr. Abagnale was in the business of bank fraud, it was all done via paper checks, and he does a great job of outlining that process in the article I referenced. There are some parts that are no longer relevant in the advanced age of banking and decentralization of corporate payments structures though. Today, obtaining the signature of a CEO will probably not do a whole heck of a lot depending on the company in question as many do not sign any of their own corporate checks, they have individual department heads who handle that day to day business, and even those signatures are “rubber stamped” — meaning they are preprinted on the check before any payee or dollar amounts are entered. As an example, at JPMorgan Chase, Jamie Dimon who is the CEO does not sign any of the bank issued checks that are in circulation, at least none that I ever witnessed in eight years working there. Should someone come in with a check signed by Mr. Dimon, it would be an immediate red flag that could be spotted by even the most inexperienced teller (but we will come back to this as well).
Considering that my concern in writing this is for the benefit of the consumer, the little guy who can’t absorb the effects of fraud like a corporate behemoth can, let’s focus on how you writing out your own checks to pay bills makes you more likely to fall victim to fraud than if you paid your bills online. When putting a check in the mail to pay a bill, you have effectively given an identity thief almost every single piece of information they need to drain your bank account. This can happen by thieves who steal envelopes out of mailboxes, letters delivered to incorrect addresses, or even unscrupulous payment agents at your local utility company who are compiling and selling this information. Never thought about it that way, did you? Most people haven’t, so let’s be clear about exactly what you are giving up when you mail out that check:
-Name and Address -Bank Routing number -Bank account number -Your signature -The name of a company you do business with -Possibly your account number with that company if you wrote it in the memo line
With all of that information now in hand, it is off to order check-printing supplies as Mr. Abignale explained in simplicity. There are no checks or balances, no one to ask who is the account holder. Now the phony checks start to fly and your account begins to drop. When payments are made through a bank’s online payment system, those funds are delivered to the payee in question electronically, usually within 1–2 business days, and the only piece of private information the receiving company is privy to is the name of the bank you use. Those payments are guaranteed to be delivered on time and any potential fraud is covered by that Federal regulation we spoke about earlier. Whether you like the idea of where society is moving, particularly as it pertains to your money and banking, there is very little that we as consumers can do to stop the advancement of technology and the culture of culpability it breeds in the gluttonous financial institutions that “serve you.” Can the banks really be blamed for the actions of criminals who are merely using them as means to an end? It’s okay if that is what is going through your mind right now and it is a very fair question — if you have never worked in a bank and witnessed the behind the scenes mechanics that perpetuate this cycle and embolden those who see you and your bank as easy targets. If you have stepped into a bank within the last few years, you might have noticed how it seems eerily empty. Where a teller line of ten stations that used to be fully staffed is now manned by one lonesome college student just hoping they will be able to eat their lunch that day since they are all alone. How a platform full of empty desks is the only thing there to greet when you are in need of serious attention, and where there are more customers sitting in chairs waiting for assistance than there other people to help. In some institutions, the time that could be spent waiting makes a trip to the DMV look like a day at Disney World.
The reason for this is because banks are trying to squeeze every dollar of profit they can out of their customers and employees so that their senior executives and shareholders can reap the rewards while you lose your mind. Banks have moved toward a self-service model that has resulted in the shuttering of physical locations, reduction in staff, and elimination of many customary services and conveniences that they no longer deem as profitable without concern for the impact on the very people that keep them in business — their account holders! What does this have to do with fraud? Oh, I don’t know, just about everything.
As the number of employees in a retail bank are reduced to drastic levels, sometimes to the point where it is actually unsafe for them to work (remember this is a place that handles large volumes of cash), corners are getting cut in ways the average customer does not realize. Sure, you are fully aware of your rapidly ebbing lunch break as you wait tenth in line behind a bunch of business customers with sacks of cash for the one and only teller in sight. But what trickle down effect does that have beyond just your lost time?
Efficiency. Accuracy. Concern.
Please don’t think I am saying that by bank staff lacking these things due to circumstance it makes them bad people, just the opposite actually. Believe it or not, they are doing the best they can under the circumstances they are forced to work under and do not want to see the same faces standing there for an hour anymore than you want to be there. They are fully aware that many customers will ultimately wind up taking out their frustration on them when they finally reach the window, one after another like a boxer with their hands tied behind their backs getting punched in the mouth all day long. It does not bode well for their morale or ability to serve you to the best of their ability beyond the forced smile and perfunctory apology for the wait. And honestly, they are sorry, it is the bank that pays them that has zero remorse for the situation you have both been placed in. If they could get away with zero associates and still turn a profit, believe me they would.
And guess what makes it worse? The bank and senior management responsible still want them to perform at their highest possible level, meaning no cash balancing issues, no fraud losses, no negative customer surveys about how dissatisfied they were. That employee takes the brunt of the blame when we as customers complain about how poor the experience was the bank as a whole provided, while the seven figure head honchos absolve themselves off all responsibility or guilt. When you have an employee who feels like that, who dreads getting out of bed every morning as if they were back in grade school and knew the bully was waiting for them at recess, bad things are bound to happen. I can speak to this first hand, but will spare you any specific examples and focus on the broad facts. First, tellers are poorly paid and inadequately trained. To the pay piece, I implore you to watch the video in this link https://binged.it/2CEnV1F where a major bank CEO could not explain to Congress how one of his tellers might be able to keep her head above water on what his bank paid her. That is basically industry standard, although a select few have started making strides to improve this bleak statistic. As for the training, on average a teller spends 5 to 10 days in a classroom environment where not a single minute is spent on fraud detection and prevention. They are then sent to be supervised in real bank for a few days by another teller who has slightly more experience than they do, in essence resulting in “the blind leading the blind.” Not to mention, that is assuming that teller is even allowed to finish that complete training rotation because staffing situations are so dire they are oftentimes pulled out and thrown right into the fire.
When that line starts building and these inexperienced tellers become deer in headlights, mistakes begin to mount quickly. Deposits are made into incorrect accounts, cash goes missing or misallocated, and above all else fraud happens. That cordial guy or gal waiting patiently on line to cash their $300 check approaches the window and is not upset, not abusive. They chat them up like they are a human being and make them feel good about themselves. They get their $300 and are on their way and that teller feels great for a fleeting moment. And then, minutes, hours or days later they find out that check was fraudulent and that charming understanding person was a professional scam artist who knew exactly what they were doing and who they were preying on. And that is a mild example. That check could have been $3,000, or any amount under the highest limit that would have required a supervisor to intervene, because yes, the criminals know that information as well — the good ones know more about bank policy than the actual employees do. Plus, the supervisor is busy and overwhelmed as well so, oops.
You might be wondering what happens in circumstances such as these. Well, a few things. First, there is a good chance that teller will be disciplined or even fired. Either way, an unfortunate fate for someone who was set up to fail by their employer and one that now makes the bank even shorter staffed and more vulnerable to fraudsters. The bank will also reimburse the victim’s account for the full amount of the loss. After all, they have acceptable fraud levels that are built into the budget, simply meaning that as long as the amount of money they save on salaries and adequate training exceeds the amount of money that is going out the door to fraud, it is still a win for them.
That leaves the customer now waiting for anywhere from 24 hours all the way up to 30 days to recover their funds while the bank conducts an investigation. For someone who only had that much money left in their account to begin with and a rent or mortgage payment due in a few days, that really is not an acceptable outcome, but they have no choice. This is also no mystery to the fraudsters of the world, and as long as they continue to succeed there is no deterrent. Gone are the days of armed bank robbery, which has historically low success rates and results in lengthy prison sentences as a violent crime. The current method of thievery is considered white collar and in the event someone gets caught they are often back on the streets in no time at all without ever repaying their illicit gains. Two losers: The customer and the employee Two winners: The bank and the criminal
Under those circumstances it is probably hard to even draw a distinction and easier to just classify both of the winning parties as criminals. So god forbid you are ever the victim of fraud, please remember some of this article and think twice about asking how stupid the employee who processed the transaction can be or question why no one picked up the phone to call you and verify it. The simple answer is probably that the teller didn’t have time to look closely enough, or was burnt out from helping every other customer who came in that day, and the other employee or manager on duty who should have called was busy helping a waiting area full of people waiting to place fraud claims of their own.
And the cycle continues…