"Insider fraud" is one of the most serious threats faced by financial services firms, says the UK's Financial Services Authority (FSA) in a critical report on industry fraud protection practices.
The FSA says its Fraud Governance report, which looked at how senior managers are tackling fraud risk in 16 mainly larger financial services groups, found that insider fraud - through collusion, coercion, infiltration or existing employee action - was considered one of the most serious fraud threats faced by banks.
The most common example of insider fraud cited was incidents of staff being approached outside work and offered money to sell confidential information.
Last November the FSA repeated warnings that organised gangs of criminals are infiltrating British banks in order to carry out large-scale frauds. FSA chairman Callum McCarthy said there was increasing evidence that criminals are still getting jobs in banks in order to learn how to circumvent systems and controls to commit fraud.
To counter this rising threat, the FSA reports shows that many firms have tightened their employee vetting procedures, although the intensity of vetting varied between firms but did not always apply to both temporary and permanent staff. The study found one firm which applied seven levels of screening with the degree of due diligence tailored towards the seniority of the role, while another bank stated that eight per cent of potential staff were rejected after vetting.
Overall the Fraud Governance report found that firms which underinvested in anti-fraud measures were likely to suffer relatively high losses.
The report notes several areas where firms need to work harder and the regulator is calling on firms to collect more detailed and accurate data and invest in systems and controls to detect mounting fraud threats at an early stage. Without this, some firms are currently not in a position to adequately assess where and why they are at risk from fraud.
Philip Robinson, financial crime sector leader at the FSA, says: "A robust fraud strategy is one that is sponsored at the highest level within a firm and embedded within the culture. While the larger firms have been forced to wake up to fraud, those that have so far remained outside the fraudsters' radar are not as developed."
Robinson says firms need to continue to invest in systems and controls and manage their responses to fraud in order to avoid being targeted as "the weakest link".Download the document now 247 kb (Adobe Acrobat Document)