- Corporate Security
- Governance, Risk & Compliance
- Information Security
Fulton Financial Corporation (FFC)—a $16.6 billion company—is comprised of eight affiliate banks operating more than 260 offices and ATMs across Pennsylvania, Maryland, Delaware, New Jersey and Virginia. Apart from overseeing physical security at all corporate facilities, FFC’s Security Department is responsible for investigating fraud across the corporation. In its various forms (check fraud, ATM fraud, identity theft, etc.), fraud accounts for a significant portion of FFC’s operating risk loss. And like every operating risk loss, there is potential for both risk reduction and loss reduction with the right tools and the right approach.
Six of FFC’s eight affiliate banks used paper-based fraud tracking methods while the other two maintained separate automated systems. Corporate-wide tracking, reporting and analysis were difficult and time-consuming, and an integrated system was needed. By implementing Perspective, Resolver’s incident management software offering, FFC can now consolidate fraud data from all eight affiliate banks in a single, comprehensive database, search, analyze and report on fraud data at the affiliate bank level, the regional level or across the entire corporation.
Detecting, investigating and, more importantly, mitigating fraud to reduce operating risk loss are critically important tasks for FFC. With hundreds of branch locations and ATMs spread across five states, their security personnel need instant access to past and present incident records, as well as current information on fraud methods and trends.
Formerly, FFC’s eight affiliate banks each operated their own security departments, independently tracking, reporting and analyzing incidents, investigations and cases.
This approach worked smoothly until July 2007 when FFC re-structured their security operations and merged these separate departments into one centralized corporate department.
With this re-structuring came the daunting challenge of consolidating the extensive security data tracked by all eight banks—along with their disparate tracking systems. Six of the eight banks relied on paper files to track incident details and manage case investigations, making information access and analysis difficult and time-consuming. Although the other two banks used an automated incident reporting system— IRIMS—they maintained separate databases, and information couldn’t easily be shared.
According to Glynnis Kofler, Operating Risk Loss Officer for FFC, the varying incident, investigation and case tracking methods employed by the affiliate banks made it challenging to accurately report on fraud activity across the organization: “There was no way that I, as the Operating Risk Loss Officer, could pull automated corporate detailed reports.”
Without this ability, FFC’s new Security Department couldn’t easily identify fraud trends, incident hotspots or links and relationships between incidents and cases across all eight affiliate banks. Clearly, a corporate-wide system for tracking, reporting and analyzing fraud incidents was needed to ensure that FFC could continue to quickly and effectively detect fraudulent activities, recover stolen funds and prevent future fraud occurrences.
Early in 2008, FFC decided to move forward with an automated incident reporting system that could be implemented corporate-wide. Their system of choice was IRIMS’ successor: Perspective by Resolver. In the months that followed, they began configuring the system to suit their needs, and Perspective was deployed in June 2008. The range of forms and fields available in Perspective allows FFC to thoroughly document all incident and case details electronically, along with a range of supplementary materials, such as ATM surveillance footage, pictures of forged checks, interview transcripts and communications with law enforcement.
All of FFC’s incident information is now stored in a single, comprehensive, corporate wide database that can be accessed by any Perspective user, at any time, from any location. Given the appropriate user rights, any member of FFC’s Security Department can search, analyze and report on fraud data at the affiliate bank level, the regional level or across the entire corporation.
With Perspective, FFC’s Security department can easily identify commonalities and links between incidents and cases, such as common suspects, victims or modus operandi. As Kofler states, once an investigator realizes that a recent fraud incident is related to a previous occurrence, they can examine the investigative information collected in each record and, hopefully, uncover something new:
“When we decided to migrate from IRIMS to a new system, one of our primary goals was to have the ability to link cases throughout the entire corporation. For instance, if an investigator is working on a case with a particular suspect, one of the first things they will do—before entering the suspect’s information into Perspective—is search the Perspective database to see if a person record for the suspect already exists. If their search turns up another case involving the suspect at a different affiliate bank, they can easily pull up this other bank’s case record in Perspective and see if it’s connected to the case they’re working on. This only takes a couple of minutes, and the information they come across might be extremely helpful to their investigation. Before Perspective, there’s no way an investigator could have done this.”
Since every fraud loss recorded in FFC’s general ledger is also tracked in Perspective as part of an incident or case record, FFC can compare data tracked in the two systems to verify that all fraud incidents have been properly documented and investigated. For instance, if a particular loss value appears in the general ledger’s operating risk loss account for check fraud—but does not appear in any of Perspective’s check fraud incidents or cases—the Security Department may not have been properly informed of the incident; they must then research the loss and determine an appropriate course of action.
Further, the fraud data tracked in Perspective is often used by FFC to supplement information recorded in their general ledger’s operating risk loss accounts. While their Perspective incident classification schema was customized to mirror the classification system used in the general ledger (with classes of ATM fraud, check fraud, wire fraud, etc.), Perspective’s schema includes four tiers of classification, allowing the Security Department at FFC to categorize fraud incidents more precisely in Perspective than in the general ledger. For example, an incident classified simply as check fraud in the general ledger may be more precisely classified in Perspective as check fraud/forged check/forged signature/FFC check.
Perspective’s detailed classification schema can be particularly useful when generating reports for senior management. Explains Kofler: “When senior management reviews the general ledger report, they may have questions about the losses recorded and want to see the figures broken down. While those details are not available in the general ledger, they are tracked in Perspective. For instance, a report can easily be pulled in Perspective—the Incident Classification Report—that will break down all fraud incidents by class and category and provide detailed loss figures for each classification. If necessary, detailed reports on individual incidents or cases can also be pulled for highly specific loss information. Whenever there is a question about a general ledger account, we can turn to Perspective for the answer.”
Such reports are invaluable in helping FFC pinpoint incident hotspots, areas of concern and emerging trends. Once the Security Department is aware of which types of fraud incidents are occurring most frequently and causing the greatest amount of loss, corrective actions can be taken to mitigate the risk of future loss.
In addition to the preconfigured reports found in Perspective, Kofler relies on Perspective’s Analysis Expert to deliver answers to critical questions: “The Analysis Expert is one of my favorite features in Perspective. With its querying capability, I can virtually pull any information I’m looking for. For example, if a regional branch manager notices that their operating risk loss for check fraud is relatively high compared to the previous year and questions me about it, I can create a query for all the branches in the region that lists each fraudulent transaction, along with the dollar amount lost and even the name of the teller involved. Then, with this detailed report in hand, it’s easy for both of us to identify the problem area. We might realize that a majority of the check fraud losses in the region are occurring at one particular branch location and that one particular teller is always taking the fraudulent items. Of course, we will have to investigate further to determine what the underlying issue is, but we’ll have a starting point. We’ll know where to take action to stop the fraud from happening again in the future. Moreover, if the data indicates this fraud activity is part of a larger pattern or trend, we can get an alert out to other branches in the region, or across the corporation, to be on the lookout for a similar situation.”
Though difficult to measure, fraud prevention is perhaps Perspective’s most powerful benefit for FFC. Certainly, when they first began using Perspective, their main focus was on getting data entered into the system. However, now that their Perspective database has grown to include numerous fraud incidents from across the corporation’s eight affiliate banks and hundreds of locations, FFC’s Security Department is able to extract a wealth of information that is useful for preventing fraud. States Kofler:
“All of our fraud data is available in Perspective, and we can pull valuable information from it in so many different ways. We certainly feel that we’re better able to track fraud trends and provide more meaningful information to management. Where Perspective has been really helpful is in finding out which areas of the organization face the highest risk of fraud. Based on this information, we’ve been able to upgrade some of our processes and take action to hopefully reduce and prevent future fraud losses. Of course, fraud prevention is difficult to quantify because you don’t always know what you’ve stopped if it hasn’t occurred. The only thing you can do is compare your loss numbers from year to year to see if they drop. Our fraud losses are definitely not increasing, and in this economic time, that’s a very good sign.”
The benefits the Security Department has derived from Perspective have certainly caught the attention of other departments within FFC. Both the Debit Card Department and Audit Department, which handles internal investigations, are considering implementing Perspective in the future. Like the Security Department, they hope to consolidate their data electronically in a single Perspective database for corporate-wide searching, analysis and reporting.
As FFC brings more departments on board with Perspective and increases the range and amount of data available for reporting and analysis, they will likely find even greater value in Perspective. Not only will it become easier to detect incidents and recover losses, but they will also be better equipped to identify the policies, procedures and security measures that allow fraud (and other types of incident activity) to occur in the first place.
Remarks Kofler: “We’re really excited about what Perspective has in store for us in the future. When we first installed Perspective, it was fairly new, and over time, Resolver has continued to make enhancements and improvements based on users’ recommendations. As a result, Perspective just keeps getting better and better. It’s a great product, and we’re really happy with the results we’ve seen.”
Resolver would like to thank Glynnis Kofler and Fulton Financial Corporation for sharing their experiences with Resolver.