Home Compliance Topics Fraud
View/Print All Return

Fraud Introduction

Last Reviewed: November 2024

Fraudulent attacks and losses have only been increasing in recent years. The Federal Trade Commission (FTC) reported over $10 billion in fraud losses and 2.6 million fraud reports in 2023. Credit Unions must implement measures to prevent, detect, and deter fraud to mitigate losses.

The fraud environment is constantly evolving and it is critical to stay aware of fraud trends, educate credit union employees and members, and implement proper anti-fraud controls.

Print Overview

Fraud Introduction: Overview

The NCUA Examiner’s Guide on Fraud defines fraud as any "intentional act or omission designed to deceive others, resulting in the victim suffering a loss and/or the perpetrator achieving a gain.” Fraud can be categorized by the type of perpetrator – internal or external. 

Internal fraud, or insider fraud, is perpetrated "by individuals associated with the credit union, such as a credit union employee, official, third party, credit union member, or some combination of these individuals working together." To deter and detect internal fraud, a credit union can implement internal controls, regularly conduct anti-fraud training for employees, develop an ethical culture, and establish policies and procedures.

To learn more about internal fraud, visit the Internal Fraud topic in the Fraud Channel.

External fraud is committed by "an individual or entity unconnected to the credit union against the credit union." According to NCU-ISAO, external threats are the most common, targeting organizations for financial gain and sensitive employee and customer information. Examples of external fraud include:

  • Falsified loan or collateral documents
  • Falsified membership documents
  • Offering kickbacks to credit union employees
  • Overstatement of third-party contracts
  • Fake deposits or payments
  • Cyber-enabled crimes 

Be aware of fraud attacks that will impact credit union members, too. Attacks on members may leave an institution financially responsible for any losses and may affect consumers' overall trust in the financial system.

Fraud can also be perpetrated by two or more individuals, known as collusion fraud, as discussed in the CPA Journal. Collusion fraud schemes can involve internal parties, external parties, or both parties working together to commit fraud.

Print Common Fraud Scams

Fraud Introduction: Common Fraud Scams

The NCUA Fraud Prevention Center shares key information on common scams, identity theft, and cybercrimes. It is important to be aware of trends and common scams that credit union members may experience.

This document outlines common fraud trends, scams, and cybercrimes as mentioned by the NCUA Fraud Prevention Center. This includes Advance-Fee Fraud, Business and Job Opportunity Scams, and more! You will also find red flags and tips for each item.

Print Reporting Fraud

Fraud Introduction: Reporting Fraud

The NCUA Fraud Prevention Center provides the following information on what to report and where to report suspected fraud.

What to Report Where to Report
Report anything you think may be identity theft - in a scam, cybercrime, or data breach - and get a recovery plan. Identitytheft.gov
Report unwanted calls from telemarketers and register your number on the national do not call registry. Donotcall.gov
Report anything you think may be a fraud, scam, or bad business practice. Reportfraud.ftc.gov
Report any suspected cybercrime. Ic3.gov
Report a suspected investment fraud or a problem with your investments. Sec.gov
Report a potentially fraudulent, illegal, or unethical investment activity. Finra.org
Report a violation of the Commodity Exchange Act or Commission regulations. Cftc.gov
Report a suspected financial/economic crime or fraud (e.g., mortgage fraud or investment fraud). Fbi.gov
Report any fraud related to natural or man-made disasters. Justice.gov
Print Top Reported Fraud

Fraud Introduction: Top Reported Fraud

The Federal Trade Commission (FTC) collects data on consumer reports regarding fraud and identity theft, storing the reports in the Consumer Sentinel Network.

The FTC reported the following in 2023:

Top 10 Fraud Categories:

  1. Imposter Scams
  2. Online shopping
  3. Business and job opportunities
  4. Internet services
  5. Investment related
  6. Telephone and mobile services
  7. Health care
  8. Travel, vacations, and timeshare plans
  9. Prizes, sweepstakes, and lotteries
  10. Mortgage foreclosure relief and debt management

Fraudsters will often impersonate credit unions in imposter scams. Educate members on these scams and promote best practices - do not share login credentials and personally identifiable information, verify legitimacy by stopping any communication and then contacting the credit union directly, look out for red flags such as pressure to act quickly, and do not transfer money over online channels or the phone.

Top Fraud Reports by Payment Method:

  1. Credit cards
  2. Debit cards
  3. Payment app or service
  4. Bank transfer or payment
  5. Cryptocurrency 
  6. Wire transfer
  7. Gift card or reload card
  8. Cash 
  9. Check
  10. Money order

Stay aware of payment fraud and emerging trends. A credit union may be liable for any unauthorized transactions and losses associated with these payment methods and must be prepared to protect themselves and their members.

Top Identity Theft Types: 

  1. Credit card
  2. Other identity theft
  3. Loan or lease
  4. Bank account
  5. Employment or tax-related
  6. Government documents or benefits
  7. Phone or utilities

Stay informed of fraud trends through resources like the FTC’s Consumer Sentinel Network. Although the credit union may not be at risk for all fraud types, members likely are. To mitigate fraud risk, regularly train and educate both your employees and members on fraud and how to detect and prevent it.

Print Warning Signs

Fraud Introduction: Warning Signs

The CFPB lists the following classic warning signs of fraud:

  • Someone claiming to be from the government, from a bank or credit union, from a trusted or well-known business, or a family member and is asking for money or sensitive information.
  • Requests for money or taxes to be paid upfront to receive a gift or prize.
  • Requests for a wire transfer, cryptocurrency, money through a payment app, prepaid card, or gift card.
  • Someone asking for access to your ATM cards, bank accounts, credit cards, cryptocurrency wallet keys or access codes, or investment accounts; or asking for sensitive information such as your passwords or social security number.
  • A sense of urgency and high-pressure tactics. 
  • A deal that is too good to be true.

Educate credit union frontline staff and members on these signs and other red flags. If you believe a member is a victim of fraud, proceed with caution, ensure the member understands the risks of sending money or sharing sensitive information, and escalate accordingly. 

Print Model Policies

Fraud Introduction: Model Policies

CU PolicyPro contains the following model content which can be used to help you craft your own policies and guidance on this topic:

  • Model Policy 1100: Credit Union Culture and Governance
    • 1100.17: Audits
  • Model Policy 1500: Staffing and Human Resources
    • 1500.10: Whistleblowing Protection
  • Model Policy 1645: Fraud
  • Model Policy 2225: Digital Banking
    • 2225.10: Anti-Phishing
  • Model Policy 11009: Identity Theft Red Flag Guidelines
  • Model Policy 11012: Disclosure of Information to Victims of Identity Theft

Click to login if your credit union subscribes to CU PolicyPro

If you're not sure if your credit union subscribes, contact policysupport@cusolutionsgroup.com for assistance.

Go to main navigation