Securing Your Credit Union Pt. II: Keeping Internal Fraud Out

Posted by on
  • Font size: Larger Smaller
  • Subscribe to this entry
  • Print

Credit unions must always be on guard against the possibility of internal fraud. A Baltimore credit union recently discovered that its CEO and her husband were embezzling money. She did so by falsifying records and issuing checks to herself under the guise of paying for bank expenses. Investigators also found irregularities in loans that the credit union and other financial institutions had made to the CEO.


Weak internal controls create an environment where fraud can fester and losses can quickly
mount. Credit unions have a variety of tools at their disposal to detect and prevent fraud. However, there are risks credit unions must bear in mind. Credit unions should first implement a robust fraud policy, which it updates, distributes, and requires all employees to sign on an annual basis. Fraud policies need to be carefully crafted to list specific violations and proper procedures for investigating possible violations. Credit unions should include language that obligates employees to report suspected fraud internally while protecting them from retaliation for reporting violations.


Second, credit unions can prevent fraud by applying cyber security lessons to internal security.
By creating a map of responsibilities among employees, credit unions can determine which
responsibilities potentially overlap in a single employee. One of the strongest tools at a credit union’s disposal is to separate processes among different employees so no one person is able to approve their own fraud.

When investigating fraudulent activity and disciplining employees, credit unions must tread lightly.  Anti-fraud policies provide notice to employees of what is expected of them but also provide guidance to the credit union on investigations and discipline. Deviating from an anti-fraud policy could open up the credit union to liability for a wrongful termination claim or for otherwise violating the employee’s rights. Additionally, it is important that credit unions frame disciplinary actions as violations of policy, rather than claims such as the employee has committed theft. Such claims can give rise to a defamation suit.


Credit unions have an obligation to members to prevent internal fraud. Poole Huffman can help credit unions by reviewing fraud policies, and if needed, investigate potential violations and determine the appropriate response, while minimizing credit union liability.

This is an article from Poole Huffman's The Credit Union Quarterly. A publication created for Georgia's top credit union executives.

Disclaimer: The information contained in this article is for informational purposes only and is not legal advice or a substitute for legal counsel. It does not constitute advertising or solicitation. The information in this article may or may not reflect the most current legal developments; accordingly, this article is not guaranteed to be complete, and should not be considered an indication of future results.