Fraudulent Loan Applications – A Booming Business for Organized Crime
A new report based on several cases involving fraudulent loan applications sheds light on organized fraud against banks. Bribery and infiltration are common methods. What preventive measures can be taken against loan fraud and corruption?
Escalating fraud is causing a growing sense of urgency among financial companies to establish preventive measures. The challenge is complex and involves both financial crime risks as well as corporate social responsibility.
A recent report by the Oslo Police, co-authored by Henrik Skådinn, Senior Manager at FCG’s Financial Crime Prevention team in Norway, highlights that sharing intelligence from investigations will be critical to helping businesses establish effective countermeasures.
The report demonstrates how organized crime networks can be linked to several recent cases. New modes of operation and risk factors can now be identified. This is information which is material for businesses to be able to mitigate their risk exposure and reduce their vulnerability.
Various types of fraud have increased exponentially, by 30% in Sweden. Similar figures are reported from e.g. Det Norske Bank at a recent conference in Oslo, saying cases handled increased by 60% in 2021 and between 2018-2020 digital fraud increased with 300%, pointing towards more advanced arrangements and growing criminality.
This is a global trend. In February, the US Federal Trade Commission reported a 70% increase in consumer fraud from 2020 to 2021.
Reporting obligations under the Norwegian Money Laundering Act (Lov om tiltak osv) do not require that the underlying criminal primary offence is identified. The failure to prevent bribery and corruption is not a criminal offence in the Nordic jurisdictions. However, the report from the Oslo Police explains how understanding and preventing corruption can help banks prevent fraud.
The work behind the report is quite unique in that it lays out the working of organized fraud against banks and offers advice on detection and prevention, based on empirical evidence. There is a best practice for anti-bribery and anti-corruption and now we understand how that could be used to prevent fraud too.Henrik Skådinn, Senior Manager Financial Crime Prevention
A criminal network generally consists of several people with different roles and functions. The functions are, among other things, linked to the recruitment of loan customers and agent activities, acts of corruption, falsification of documents, laundering of criminal proceeds and running the network.
The target group of the criminal network is often private individuals (loan customers) who are not eligible for a loan, in whole or in part. Targets are recruited through advertising on the internet, by “word of mouth” or by active outreach. The criminal network can appear to the prospective loan customer to be a legal loan agency with good contacts. Consequently, the loan customer can be led to believe that their loan application is granted on a correct legal basis.
The Loan Customer Pays the Criminal Network
The loan customer often must make an upfront payment of 50,000 – 100,000 NOK when the application is prepared. Part of the fee is used by representatives in the criminal network to bribe employees of banking and financial companies, and the remainder is laundered to appear to be legal profits.
The criminal network falsifies documents with manipulated customer data such as wages, housing, rental income, and employment contracts and thus creditworthiness, using different software programs. Recent cases have not been able to establish the extent to which the loan customers are aware about falsification of their documentation.
Infiltrating the Bank
Individuals operating the networks have direct or indirect links with bank employees, who are particularly susceptible or vulnerable to influence in different ways. This can be bribery in the form of money, valuables, travel etc., but also psychological influence such as social pressure and blackmailing. Through these methods, criminal networks are able to infiltrate key functions and access bank employees authorized to grant loans.
Controlling the Application Process
Loan applications supported by fake documentation are submitted by e-mail directly to the criminal network’s “contact person” in the bank. The e-mail and following communication which takes place on behalf of the loan customer, is all set up and controlled by the criminals for this purpose. Frequently domains such as g-mail or similar are used with the customer’s first name and surname. Credible at first sight. In this way, there is no interaction between the loan customer and the bank that can risk deviating from the falsified information submitted and thus leading to detection.
Typically, loan applications will state that the loan customer has recently changed employment, income, tenancy or similar which is needed to assure creditworthiness. Because such changes are quite recent, they can rarely be verified in public records, and consequently there is little to confirm the correctness of submitted customer information.
Covering up the Traces of Crime
The corrupted person, effectively acting as insider within the bank, submits the loan applications to staff in the first line for further processing. There is little to trace back to the criminal operators, the process is covered up and the risk of detection is minimized.
Granting Loans on Corrupted Ground
The application is now approved and the loan disbursed. The inaccuracies and conditions are in general not captured in the bank’s credit department etc., and the actual credit risk goes undetected.
Based on the systematic approach and tactics deployed by criminal networks analysed in recent cases, some general and specific preventive measures can be recommended:
General Preventive Measures
- Conduct regular risk assessments based on the context of the organization and business model considering all products and services. The risk assessment should identify material threats and vulnerabilities within the operations.
- Prepare and review frameworks, policies, and guidelines to detect, prevent and manage risks and incidents of fraud and corruption. The policy and guidelines should appropriately reflect the needs of the organization based on an updated risk assessment.
- Building awareness and a pro-active stance. Creating a culture of compliance takes time and is a major challenge for many organizations. Continuous efforts using case training on possible corruption situations, risk workshops combined with a demonstrated support from senior management and discussions around ethical guidelines are all components that should be considered.
- Conduct regular training that enables employees to recognize conditions that may indicate loan fraud and corruption.
- Build competence in internal control to identify risks and non-conformities including the ability to address continuous improvements through regular routines.
- Perform quality assurance in the first line, including control of documents to ensure authenticity of information and that documents are correctly signed etc.
- Establish a competent and comprehensive control environment to ensure independent control functions.
- Implement internal notification routines and anonymous reporting with a robust case handling procedure.
- Encourage the “Tone at the Top” with clear communication from senior management about the company’s operations to set expectations and zero tolerance for financial crime.
- Ensure proper due diligence in conjunction with recruitment including investigating procedures of personnel awareness, potential conflicts of interest and personal finances.
Specific Preventive Measures
- Manage all loan applications centrally by an independent function within the bank as a general rule. Applications should be sent directly to a randomly selected case manager for processing.
- Make use of software solutions for continuous sampling and detection of manipulated documents. Equally important, establish a robust process for review and investigations when fraudulent applications are detected. This may involve reviewing all applications that a specific employee has administered historically. The result can help uncover criminal operational methods early.
- Manually review and verify documents through dialogue with the customer. This may include customer communication trails to identify and prevent a case manager from intentionally approving falsified documentation and fraudulent applications.
If banks do not take corruption seriously, there is a real risk that organized criminal circles get the upper hand and establish control of some of the bank’s functions. It is important that banks understand how organized crime operates today. They are systematic, professional, and persistent. Their objective is basically to understand the weaknesses of your organization better than you do. As of now, the biggest weakness so far in these cases, is the lack of quality and routines for documenting rental income. It is incredibly easy to fake rental income and fake personal creditworthiness.Henrik Skådinn
Learn more about Financial Crime Prevention here: The Step Ahead of Financial Crime
For more information, please contact: