How often does your bank reconcile general ledger control accounts to subsidiary ledgers? Does your accounting system allow out-of-balance conditions to exist between the general ledger and subsidiary ledgers? Are employee, officer and director accounts periodically reviewed for unusual activity?
Hopefully, the answers to these questions are “daily,” a resounding “no” and “yes,” respectively. However, all too often, reconciliations are overlooked that leave holes in the accounting system and internal controls that are not known until it is too late. If the accounting system allows an out-of-balance situation between ledgers, an employee can wreak havoc on the financial institution for years before being discovered, if ever.
Example 1 – $5 Million in Improper Wire Transfers
In the case of one bank, the chief financial officer (CFO) was able to capitalize on an out-of-balance situation between the bank’s deposit subsidiary ledger and general ledger. The CFO was aware of the potential for the out-of-balance situation because he had chosen the bank’s core accounting system software. He also had the ability to make journal entries, and since the bank was a small institution, he knew no one else would reconcile the two ledgers; this was solely his function.
For more than 15 years, this CFO illegally obtained more than $5 million through two methods. First, he set up a straw checking account under the name of a relative of his wife. The CFO then created journal entries depositing money into the account and would write checks out of the account with the CFO as payee. The second method involved unauthorized wires to an E*Trade account and to an account at a credit union in a neighboring town. The wires to the E*Trade account were made possible through accounting entries to the bank’s Federal Reserve account and the deposit control account, which created an out-of-balance condition.
Since another bank employee conducted the wire transfers, the CFO would print instructional emails from the actual vendor, manually cut and paste a slightly different company name and account number—belonging to the CFO—into the email, then photocopy the “new” email and provide it to the bank employee as support for the unauthorized wire transfers. This scheme was identified by bank examiners who noticed the bank’s correspondent account was out of balance.
Example 2 – $200,000 in Online Entries to ATM Accounts
In another case, a bank employee was able to embezzle approximately $200,000 through journal entries using ATM-related accounts, such as the ATM clearing account or ATM adjustments account, to offset transactions into the employee’s own accounts. For example, the employee would credit her checking account for $250 and debit the ATM adjustments account. The employee also would do this to benefit family members’ accounts and to help pay down her mortgage loan at the same bank. Another bank employee discovered the scheme during a reconciliation of the internal ATM clearing account.
Don’t Be a Victim
There are several ways a financial institution can protect itself and prevent these situations from occurring. The one common thread between the issues in the two banks is that reconciliations can uncover improper and/or unauthorized transactions. In addition, a financial institution should not have an accounting system that allows out-of-balance situations to occur; the correspondent account should be balanced daily.
In addition, management should periodically review employees’ accounts, looking for any unusual activity or unexplainable income into the account(s). All accounts, including the ATM clearing or settlement accounts, should be periodically reconciled. This may be one of the quickest ways to detect potentially improper activity. Typically, the only deposit information in an employee’s account relates to payroll. Deposits outside of payroll activity, especially deposits by bank journal entry, should be questioned.
Review the ATM clearing and settlement accounts, as these should zero out daily. Determine the reconciling items and their legitimacy. Also, review the entries for the accounts. In most cases, the entries are in large batches; if you see small batches, there might be a problem.
Posts
No comments:
Post a Comment