The full text on this page is automatically extracted from the file linked above and may contain errors and inconsistencies.
¿1 L. William Seidman, Chairman Federal Deposit Insurance Corporation Good morning. I would like to share my views with you on insider fraud and abuse in the banking system, and what we can do to reduce it. Clearly, the banking industry is changing and we will be challenged to keep pace with the changes. The very nature of auditing means auditors (and federal examiners) will be playing "catch up" with business innovators ... and, all too often, business scoundrels. I'd like to focus my remarks on the importance of catching the scoundrels. We are seeing some disturbing trends in banking that have significant implications for the FDIC, the bank insurer, and for you, the internal auditor. I am not sounding a general industry alarm, but the bottom line is, the costs of fraud and abuse in banking are escalating. The people that run banks are no less ethical or honest than those that run any other business. And no business is without transgressors. That would be like religion without sin. But, to the thief, the bank is the proverbial "candy store." It's where money is the inventory. Also in banking, bank directors are often important customers of the bank. This possible conflict of interest always contains some potential for abusive behavior. Consider the following: ° In 1985, the FBI completed investigations on $841 million in fraud and embezzlement cases. ° This was more than double the total for the year before, yet $53 million less than the total for only the first half of 1986. ° Most (80%) of these cases involved insider wrongdoing. ° The size of the average loss is also growing and now stands at about $117,000. ° These loss figures do not include the infamous "Butcher Banks", which we estimate will cost the FDIC $800 million. ° Insider abuse including fraud continues to be a major factor in bank failures — having been identified in 46 cases, or one-third of last year’s failures. The final figure may prove higher when investigations are completed. ° The FDIC expects to lose about $500 million on those 46 failures. While $500 million includes more than just fraud and abuse, we suspect a number of the banks would otherwise still be here today. ° Escalating fraud and abuse losses are driving up bank insurance premiums. A recently completed ABA survey indicates blanket bond premiums rose over 50% in 1985 alone. D&O insurance costs have gone up as well. ° The ABA survey also confirms that a growing number of banks, especially smaller banks, have found it difficult or impossible to obtain insurance; 28% of surveyed banks with less than $25 million in assets claimed to have such problems. These numbers clearly show that both the FDIC and the banking industry stand to benefit from enhanced programs to detect and curtail fraud and abuse. As internal auditors, you represent the "front line of defense" against such abuses. Seeing you here gives me considerable comfort. I wish that all banks could afford to have their own audit department. Every bank, regardless of size, needs an effective audit program. I encourage all banks to form audit committees, to develop audit programs and, wherever feasible, make those programs independent from operations management. Independence is important to the integrity of the program, particularly where the audit target is insider abuse. Shortly after joining the FDIC, I decided we should increase its focus on industry abuses. Last year I announced several programs toward that end. Today, I'd like to give you an update so you know where we are. Then I would like to comment on a troubling trend in state laws affecting director and officer liability. FDIC ACTIONS Examination Programs The FDIC is reinforcing and enhancing examiner training in the detection of fraud and abuse. I am pleased to announce today that our proposal of last November, known as "red flags" was put into action last week. Red flags consist of warning signs of fraud and insider abuse. These early detection signals cover a dozen broad areas of banking. They are designed to alert examiners to potential problem areas involving insider transactions, and to provide guidance on follow-up procedures. Training We are also developing special training 1986, our bank examiner division joined sessions which were held throughout the meetings will help promote better state cooperation. courses for examiners. During the FBI in fraud training country. We believe that such to federal law enforcement Specialized education programs are also continuing. The school initiated last year by the federal banking agencies to teach examiners how to detect sophisticated "White Collar Crime" will be in full swing this year. Nearly 500 federal examiners should complete the course in 1987. In addition, we are training a corps of examiners in complex fraud investigation skills. This group of specialists will also provide guidance to other examiners investigating possible fraud and abuse cases. Reporting and Communications Efforts to enhance inter-agency cooperation continue at the federal level. The Bank Fraud Enforcement Working Group which includes the federal banking agencies, the Justice Department and the FBI, meets monthly to discuss specific criminal cases and address problems of common interest. One important result has been a standardized form for bankers to report criminal activities. Partly as a result of this form, we have instituted a computer tracking system for criminal referrals. This system has aided us in spotting trends, geographic patterns, and emerging problems. The FDIC also is working with other regulators to develop a set of guidelines for bank directors on handling conflict of interest situations. The guidelines will emphasize carefully scrutinizing insider transactions for management abuse or fraud. Independent External Audit Another action being explored by the FDIC is adoption of a new regulation requiring an annual independent audit for some of the banks under our jurisdiction. The other federal banking regulators also are studying possible audit requirements. The FDIC has long encouraged external audits for banks. time has come for more "explicit" inducement. But perhaps the I recognize concerns about cost are the primary reason many bankers resist external audits. But, an independent audit has many potential benefits. Audits can help identify problem areas in internal controls and be very useful in establishing good operating policies and management information systems. Enhanced audit programs can even result in lower indemnity insurance premiums. An audit should not be viewed as a luxury, but as an increasingly important part of doing business. Currently, external audits are required for all publicly held banks and bank holding companies, as well as all other bank holding companies with more than $150 million in assets. I should also note that the American Bankers Association's Commission on Safety and Soundness recently recommended "that all banks adopt certified audits during the next three years to five years." Please do not think that the FDIC believes external audits are a panacea. They are not, and the FDIC as the undertaker of failed banks knows this better than anyone. I must admit, as a former auditor myself, to having been disappointed at the effectiveness of some "certified" audits. Consider that 33 percent of the banks that failed last year had outside audits within two years of failure. Of those banks audited, 70 percent were given unqualified or clean opinions. One would have expected to see a greater proportion of "going concern" exceptions. On the other hand, consider that only 17 percent of last year's failures had a full-scope audit within one year of failure. This appears to be well below the national average of audits for operating banks. Statistics compiled by the Comptroller of the Currency suggest that 65 percent of national banks receive annual opinion audits. It looks like the tendency to have an audit decreases as the potential for failure increases. Nothing has been decided yet about our proposed audit regulation. The proposal is still being drafted by our Division of Bank Supervision. We are considering what type of outside examination to require and to what extent the requirements should vary for banks of different size. Our current thinking is that banks over a certain size, say $50-60 million or more in assets, should have a full-scope opinion audit. A limited examination might be required for smaller institutions. Clearly, the outside audit is not perfect, but we believe the risk of a serious problem going undetected is substantially lessened by an audit conducted by competent and independent auditors. This is particularly important to us when a limited work force and an increasing supply of problem banks have caused us to fall significantly behind schedule in our own examinations. In fact, I should note that we are moving ahead with a new pilot program to help reduce the examination backlog. Yesterday, the FDIC Board selected Arthur Young and Arthur Andersen & Co., to participate in a program I proposed a few months ago. We will start joint training for personnel from these firms and the FDIC on April 20. Following this training, accountants will be working inside banks with FDIC examiners in the Dallas and Kansas City Regions. If this team examination approach is successful, we will move from the pilot phase to a competitive bid program in the near future. Our hope is to attract widespread interest from all sizes of CPA firms that have experience with financial institutions. Moreover, I am encouraged to note that the concerns voiced by the FDIC and others for increased detection of internal abuse and fraud are commanding the attention of the accounting profession. Recently, the American Institute of Certified Public Accountants issued exposure drafts of several new or revised auditing standards. One proposed auditing standard requires that the audit program be designed to "detect material errors and irregularities that affect the financial statements," rather than simply "plan to search for material errors and irregularities" as is required in current standards. 5 Another revised standard requires that the auditor assure himself that the audit committee is adequately informed of all irregularities of which the auditor becomes aware, unless the irregularity is clearly inconsequential. Under current standards, the auditor only has to notify management one level above the level at which the irregularity occurred. Also, the AICPA recently published a study designed to assist auditors when auditing a bank's allowance for credit losses. Among other things, it encourages auditors to look for self-dealing by directors or large shareholders. Clearly the accounting profession is making some, if not overwhelming, progress. Direct Immunity trends Before concluding, I would like to comment briefly on the growing trend in state legislatures to change certain aspects of the required standard of diligence and care by bank directors. It seems that an increasing number of states are leaning toward legislation designed to severely reduce the standards of performance by directors and, thus, limiting the personal liability of directors of state-chartered institutions. Approximately 30 states have passed or are considering such legislation. The apparent motives behind such legislation is to attract good directors. The motive is fine and a number of states would benefit from further clarification of their laws affecting directors' obligations. However, we are concerned that some states may go too far in relieving directors of accountability for their actions. Let's not throw the baby out with the bath water. The FDIC believes bank directors must have a clear obligation to oversee the affairs of banks it insures. The FDIC (and other banking agencies) strongly urge states to ensure that their statutes are consistent with obtaining well run institutions. Let me conclude by saying again that the internal auditor will face increasing challenges in the years ahead. Just remember, all bankers are born good, most make good, but a few will try to take the goods. I wish you (and us) success in finding those few and stopping them in their tracks. Thank you