The Enemy Within: Best Practices for Identifying and Terminating Rogue Employees

Monday, April 3 | 4:50 PM

Moderator:

Nancy J. Saur, CAMS, FICA, Compliance Officer, Private Trust Company

Speakers:

Jason Frantz, Director, FIU, Discover Financial Services

Lester J. Bain CSO, CFE, CCS, Director of Security and AML Operations, Principal Vice President, Burke and Herbert Bank

William J. Voorhees; MFA, C.F.E., CAMS, Senior Vice President | BSA/AML Financial Intelligence Unit Manager, BB&T

2

Outline•4 real cases

• Rogue RM• Backpack Man• Horrible Bosses• Out of Control Investigator

• Internal Controls

• Red Flags

Questions? Ask during any of the cases

3

Case 1 – Rogue RM - Background• Internal referral-

• Elder abuse in the branch

• Client came in with a cell phone texting

• Needed to deposit cash into another’s account

• Wanted to send money to his girlfriend in Germany for travel

• Transaction escalated to the FIU for review

• Seeing multiple cash deposits all over the bank’s footprint• Client was supposed to be a travel agent (fly-fishing and

vineyard tours)

4

Case 1 - The Rogue RM• Spoke with RM –

• Assured that everything was above board and that he knew the client personally

• Vouched for the client, must be a big misunderstanding

• Volunteered additional info • Never fully materialized & what was received didn’t make sense

• Enhanced Due Diligence (EDD) Team• Previous issues with RM• Concerns re other clients serviced by that RM

5

Case 1 – Rogue RM – Deeper Look• Several accounts had the same Registered

Agent referring clients• Single agent referral source

• Set up business like US companies, but were LLC shells• Used the address of registered agent

• Used the bank’s phone number in the profile

• Many internal policy violations discovered (after the fact)

• History at the bank• Always pushing the boundaries

• Bullying behavior with regional associates

• Very complimentary of EDD team analyst

6

Case 1 – Rogue RM – Deeper Look• Reviewed RM’s portfolio

• Several SARs across the portfolio

• Closed accounts for EDD issues

• Numerous fraud accounts

• Link analysis showed several accounts connected by address, phone numbers, ownership and referral source.

• Claimed knowledge of owners - all ok

• Resigned during interview on policy violations

7

Case 1 – Rogue RM –Red Flags

• Turned a failing region around “overnight”

• Single referral partner/source• Could be an indicator of shady dealings

• EDD team’s history with his accounts

•Bully behavior with own staff and associates

•Overly nice to compliance!

8

Case 2: Backpack Man - Scene

•Walked into branch, carrying his backpack

• Asked how to deposit funds under IRS reporting threshold

(though staff knew he meant CTR threshold)

• Deposited Cash – 9,000

9

Case 2: Backpack Man –Preliminary Investigation

• Backpack Man + 25 others have same address

• Total # Accounts = 200

• Total # Loans across the accounts = 125

10

Case 2: Backpack Man –Deeper Investigation

• Loans:• All given by an Mr. ZZZ, an EVP at the Bank

• EVP well known in the community

• Millions of dollars passing through the bank

• Bank’s KYC:• Little to none

• Illogical: ABC Inc. paying XYZ’s loan

11

Case 2: Backpack Man –Even Deeper Investigation

•Major Case Investigations alerted

• Board gave full authority to investigate

•Mr. ZZZ (Bank’s EVP) had very close relationship with Mr. S (Kingpin):• Business partners• Hunting Trips & Overseas Vacations

12

Case 2: Backpack Man –What’s Mr. ZZZ like?

• Bullied both branch & lending staff to• Open personal account(s) with no ID’s• Perform transactions authorized by Mr. S, but

for accounts on which Mr. S wasn’t authorized

•Mr. ZZZ moved $1mm from a relative’s account, but he was not a signatory on the account• Paid it back after receiving an overseas wire

13

Case 2: Backpack Man –End Result

•Mr. ZZZ terminated

• FDIC Alerted

• All identified accounts associated with Mr. ZZZ and Mr. S closed

• Involved Federal Law Enforcement• Questions about completely different case• Networking• Still under investigation

14

Case 2: Backpack Man – Red Flags

• Culture of Fear & Bullying

• 26 people used same address

• Millions of dollars moving through the bank

• Relationships between individuals & entities not clear

• Individuals conducting transactions on accounts over which they were not authorized

• Close personal relationship between principals (EVP + Mr. S)

15

Case 3 – Horrible Bosses

• Larry – Team Manager for NY, TX, CA• Located in CA, favors CA employees• Bullied TX and NY• Tired of dealing with NY team – he’ll fix them!

• Manipulated data to make NY Team fail – justifying terminations

• Helped CA team exceed their SLA’s

• Known to manipulate SAR dates• Built controls around failures to protect himself

16

Case 3 – Horrible Bosses –Ending Larry’s Reign of Terror

• New Director audited program

• Identified inconsistencies in how teams were managed• Identified broken controls to cover broken processes• Identified collusion with CA based investigators and

supporting managers

• Engaged Human Resources and Legal

• “Ducks in a row”- Documentation• Internal Investigation

• Terminated Rogue Employees

17

Case 3 – Horrible Bosses-Red Flags

• Systemic inconsistencies in production/quality

• Controls out of alignment with a strong AML Program

• Larry unwilling to share with new Manager

• Systemic bullying:• Staff interviews identified consistent theme of

Bullying

• Larry’s close friends were other bullying managers

18

Case 4 – Out of Control Investigator

• Charles – AML Analyst • Hothead - Long-tenured employee, history of

confrontation with management

• Doesn’t take responsibility for Quality / Timeliness

•Uses templates, copy, paste to enrich SARs• Into wrong case• Has deleted cases containing SARs if he

exceeded the SLA

19

Case 4 – Out of Control Investigator-Reign Him In

• 30 Day Action Plan Implemented• 100% reviews

• Partnered with a “coach

• Elevated to Performance Improvement Plan• Internal Investigation of Charles’ work

• Daily 1:1s to review progress

• Physical Security placed Charles’ on paid-leave due to his threats

• Ultimately, Charles resigns

20

Case 4 – Out of Control Investigator-Red Flags

• Charles was verbally abusive to anyone lending help

• Threatened to harm himself

•Manipulated work in an effort to avoid detection for under-performing

21

Take Aways• Culture

• Executive Management Support• Ethics – Nobody is above the law

• Policies• Whistleblower hotlines• No repercussions

• Processes• Gather facts• Execute plan to remove threat quickly

22

Take Aways

• Training• Staff recognition & reporting• Beware overly complimentary colleagues• Smaller institutions may be larger target

• Audits (or worse, Investigations after the fact)• Follow the $• Keep Master copies

23

Contacts

• Lester J. Bain lbain@burkeandherbertbank.com

• Jason Frantz jasonfrantz@discover.com

• William J. Voorhees WVoorhees@BBandT.com

• Nancy J. Saur caymanpace@hotmail.com