Slideshows

Scam Alert: 12 Types of Fraud to Watch For

Fraud is a word no financial advisor wants to hear.

Advisors may unwittingly abet a fraudulent scheme that victimizes their clients, or they may allow it to occur by not taking more diligent proactive safeguards.

Bernard Madoff's multibillion-dollar Ponzi scheme has been the most egregious example of the perils that can befall unsuspecting clients -- and advisors who should have been more vigilant. But there are plenty of others. Just this month, a New York man posing as a successful hedge fund manager was arrested by prosecutors for securities fraud and charged by the SEC for stealing most of the approximately $840,000 he raised from unwitting investors.

But fraud can also occur in a myriad ways, from email scams to identity theft to manipulation of investment valuations. Page through to see a dozen common frauds -- and ways advisors can help prevent them -- or click here to see a single-page version. -- Charles Paikert

1. FAKE EMAIL SCAMS 1. FAKE EMAIL SCAMS

What can go wrong? A cybercriminal hacks into the email of a financial advisor's client and sends an email to the advisor that looks like it is coming from the client. The email asks the advisor to wire a large sum of money to an unfamiliar account for an extraordinary reason -- i.e. the client is stuck in another country and needs cash immediately. If the financial advisor proceeds with the transfer, thousands or even millions of dollars could potentially be stolen from the client.

Advisors should also be mindful of red flags, such as a request to wire money to someone or somewhere that the advisor doesn't have on record for the client.

How to fight it: Having proper controls in place surrounding wire transfers can help mitigate the risk of this type of fraud, says Todd Kesterson, director of Kaufman Rossin's family office services group. If a bank or financial advisor receives a non-recurring wire transfer request, via fax or email, there should be a multi-step verification process, he says. For example, try to verify the request by calling the client, by asking for personal identifying information -- a PIN number, birth date, Social Security number -- answers to security questions, or verification by another person that the client has previously designated on the account.

2. ONLINE ID THEFT 2. ONLINE ID THEFT

What can go wrong? Data breaches at the advisor's office can result in an unauthorized transfer of confidential and personal information.

How to fight it: Password-protect all computers and mobile devices that are used to access client files, says Becky Frost, senior manager of consumer education for security firm Experian's ProtectMyID product.
Computers should also have up-to-date antivirus and anti-malware software as well as firewall protection, Frost says. When working remotely, always use a secured Internet connection. Public wifi networks are typically unsecured, and are breeding grounds for thieves to steal your clients' sensitive information.

3. IMPROPER CHARGING OF PERFORMANCE OR MANAGEMENT FEES 3. IMPROPER CHARGING OF PERFORMANCE OR MANAGEMENT FEES

What can go wrong? The asset manager could mischarge management or performance fees, misappropriating your clients' assets.

How to fight it: As a part of due diligence, advisors should make sure fund managers have controls in place to make sure calculations of management and performance fees are being executed in accordance with offering memoranda, says Adam Weisman, a partner with Deloitte Financial Advisory Services. There should also be an independent review of the fee calculations before the fees are paid by the fund, Weisman says.

4. STUCK IN PONZI SCHEME 4. STUCK IN PONZI SCHEME

What can go wrong? A financial advisor who unintentionally directs client funds into a Ponzi scheme could potentially cost his client millions of dollars. In the case of Bernie Madoff, orchestrator of the largest Ponzi scheme in history, a total of $65 billion was taken from unsuspecting investors. Although the Madoff case is the most well-known, smaller Ponzi schemes are uncovered regularly.

How to fight it: Financial advisors can offer to perform proper due diligence to help prevent this type of fraud, Kaufman Rossin's Kesterson points out. Due diligence might include verifying that the fund manager has dependable and reputable service providers -- a third-party administrator, for instance, and annual audits from a CPA firm with investment expertise.

Financial advisors should be aware of red flags, such as a lack of transparency in a fund manager's investment strategy or consistently high returns and growth of assets, regardless of market performance.

5. TAX DATA THEFT 5. TAX DATA THEFT

What can go wrong? Identity thieves can make money by filing false returns or by stealing personal information off of tax documents to commit identity theft. Financial advisory firms are ripe with this information during tax time, making them a target.

How to fight it: Advisors need to establish steps to protect sensitive tax forms, says Experian's Frost.

Make sure that all company computers used by advisors are protected with up-to-date antivirus and antimalware software, a firewall and are password protected. All company computers should also use a private/secure network connection for all online activity, Frost says, and not a public Wi-Fi network.

Advisors should also educate clients about the IRS-issued PIN available to eligible tax filers to prevent the misuse of a Social Security number on fraudulent federal income tax returns. And never leave envelopes or documents in an unsecured location open to others -- such as in a car or on a desk.

6. MANIPULATED INVESTMENT VALUATIONS 6. MANIPULATED INVESTMENT VALUATIONS

What can go wrong? Investment managers could misstate NAV and performance metrics by manipulating investment valuations.

How to fight it: Use third-party firms for fund valuations, counsels Deloitte's Weisman. Make sure controls are built into the valuation process requiring that the valuations are performed consistently each period, are absent bias and are based on appropriate valuation methodologies.

7. 'PUMP & DUMP' MARKET MANIPULATION 7. 'PUMP & DUMP' MARKET MANIPULATION

What can go wrong? Stock promoters issue false reports or claims (often in social media, forums or chat rooms) to inflate the price of certain stocks, typically microcaps; investors act on those reports creating a demand for the shares which increases the stock price; and the promoters then dump their shares, causing the stock price to plummet.

How to fight it: Financial advisors need to conduct enhanced due diligence on the issuers of these types of stock offerings before making recommendations to their clients, Kesterson says. Advisors -- and their clients -- should be careful not to trade on rumors or hearsay and call the investor relations department of a company directly to verify claims about stock prices.

8. PHISHING SCAMS 8. PHISHING SCAMS

What can go wrong? Thieves use personal manipulation in order to gain information through phishing scams. These scams are meant to trick clients into giving away valuable personal information by posing as a legitimate institution -- like a financial advisory firm.

How can financial advisors help to prevent this? Educate your clients about phishing scams, Frost suggests. Inform clients that legitimate advisors, financial institutions, and government agencies never ask for personal identifying information this way.

Tell clients to think twice before clicking on links in suspicious emails or calling the number listed in the email. Rather, they should instead go directly to an institution's website and call the customer service number.

9. IMPROPER ALLOCATION OF EXPENSES TO FUNDS 9. IMPROPER ALLOCATION OF EXPENSES TO FUNDS

What can go wrong? Fund managers may allocate costs inappropriately. Be on the lookout for expenses that are not benefitting funds, are not incurred on behalf of the funds or are improperly allocated among a set of funds.

How to fight it: Through due diligence, advisors should make sure that the fund has clear and concise criteria for determining which expenses are appropriately allocable to the funds and, conversely, which expenses cannot be allocated to the funds, says Weisman. The fund manager should also set rules and guidelines for determining how allocable expenses are distributed among the funds. In addition, the criteria should ensure there is no bias in the allocation process.

10. ROGUE TRADING 10. ROGUE TRADING

What can go wrong? An employee who is authorized to make trades on behalf of a firm tries to boost profits for the firm by trading securities without proper approval. One example is Nick Leeson, who was a derivatives trader at the Singapore office of Britain's Barings Bank and made unauthorized investments that resulted in $1.3 billion in losses, eventually bankrupting his employer. He was charged with fraud and served time in a Singapore prison.

How can financial advisors help to prevent this? While technology can be used to help prevent this type of fraud, companies shouldn't rely solely on IT systems to detect rogue trading, says Kaufman Rossin's Kesterson. Rather, he says, managing this risk requires a company's senior leaders to implement appropriate policies and procedures surrounding internal controls. Top management must also foster an organizational culture that clearly communicates ethical standards, rewards desired behaviors, emphasizes accountability and closes any gaps between policy and practice.

11. MISAPPROPRIATION OF FUNDS BY STAFF 11. MISAPPROPRIATION OF FUNDS BY STAFF

What can go wrong? A back-office staffer creates false entries in the books and records of the advisory firm, causing the firm to pay money to the undeserving staff member. For example, an employee could create a fictitious advisor's account and direct a very small percentage of overall commissions or false expense reimbursements into it. Over time, these small payments could add up to tens of thousands of dollars.

How to fight it: Implement policies and procedures to review and approve all book entries, particularly for new representatives, says Kesterson. Segregate duties related to critical financial functions, rotate employees who hold these key responsibilities on a periodic basis and require key people to take vacation and then identify and train backups for these roles.

Ideally, no one person at the firm should be the sole individual responsible for more than one of the following functions in the same process: creating and authorizing new entries, disbursing funds and performing reconciliations.

12. DEVELOPING SCAMS 12. DEVELOPING SCAMS

Of course, the list of fraud schemes is never complete; scammers are constantly developing new ways to part your clients from their money.

Consequently, it is not sufficient "to attempt to create on/off controls to specific known risks," says Deloitte's Weisman.

Rather, approach your fraud defenses holistically, he says. He recommends proper design, implementation, execution and monitoring -- including "a systematic process for identification of fraud risks and schemes through effective company-wide fraud brainstorming performed at least annually."

Fraud can occur in a myriad ways, from email scams to ID theft to manipulation of investment valuations. See a dozen common frauds -- and ways advisors can help prevent them.

Comments (2)
Also make sure those passwords are long and unguessable. Use different passwords for all systems. Have separate accounts for all users and inactivate those account immediately when there is a change in employment status. For systems where credentials are shared, change passwords immediately whenever there is a personnel change. Don't write them down. Password vaults are invaluable tools to protect account names and passwords as long as the master passwords are unique, long and unguessable.
Posted by Jim P | Thursday, March 26 2015 at 8:40AM ET
Also make sure those passwords are long and unguessable. Use different passwords for all systems. Have separate accounts for all users and inactivate those account immediately when there is a change in employment status. For systems where credentials are shared, change passwords immediately whenever there is a personnel change. Don't write them down. Password vaults are invaluable tools to protect account names and passwords as long as the master passwords are unique, long and unguessable.
Posted by Jim P | Thursday, March 26 2015 at 8:41AM ET
Post a Comment
You must be registered to post a comment.
Not Registered?
You must be registered to post a comment. Click here to register.
Already registered? Log in here
Please note you must now log in with your email address and password.
Already a subscriber? Log in here