By Valerie Jundt
For banks, unclaimed property compliance can often take a backseat to other critical issues. However, if unclaimed property issues are not managed and addressed properly, the associated risks of noncompliance can directly impact customer retention, the reputation of your bank, and the business of growing assets.
Unclaimed Property: The Definition & The Duties
Unclaimed property is any financial obligation generated during the course of an organization’s daily operations that is due and owing to another party whether it may be a customer, vendor, employee, or investor. For property to be considered unclaimed by state law it must be held or issued in the ordinary course of business, a debt or obligation to a creditor (owner) and unclaimed for more than the statutory dormancy period.
When property goes unclaimed for longer than the statutory dormancy period, it is a holder’s duty to file an unclaimed property report listing the relevant information (including the account owner’s information, amount and property types) in the state mandated format to the state of the owner’s last known address. It is important for holders to comply with state provisions pertaining to their obligations to perform due diligence, maintain copies of the reports and supporting documentation, and protect the funds until they are reported and transferred to the state.
With a lengthy list of duties, maintaining compliance is often difficult and overwhelming, especially for those who lack the internal resources. Many banks find themselves losing customer assets due to escheatment or struggling to develop policies and procedures to properly prevent and/or address escheatment. Customer relationships are the bedrock for banking success, but if assets that consumers have entrusted to your bank are escheated to the state, those relationships could be in jeopardy – or worse, terminated altogether. In order for banks to avoid these risks, they must understand unclaimed property issues at a fundamental level, but also take the necessary steps to reduce the opportunity for escheatment and increase the retention of customer relationships and assets.
Managing Multiple Jurisdictional Requirements
The unclaimed property landscape is accompanied by various challenges and complexities due to the lack of uniformity across the reporting jurisdictions. Despite most states’ unclaimed property laws being modeled after one of the four Uniform Unclaimed Property Acts, no two state laws are alike. The nuances and intricacies that exist between state laws require banks to closely monitor the legislative and regulatory environment to determine if any pending or passed legislation will impact their organization, customers, and most importantly, their obligations.
Banks can begin to assess their reporting obligations by first looking at the states in which they operate. If they operate in multiple states, the banks must determine which jurisdictions they owe an unclaimed property report. When customers move to different states without a forwarding address and leave an account(s) in the state of origin, the bank will be required to report the unclaimed property to the state of the owner’s last known address.
Another area for high consideration is if your institution has gone through a merger or acquisition. Banks involved in a merger or acquisition should be aware that when one bank acquires another, they also acquire all of the associated unclaimed property risks and liabilities. A thorough review of each bank’s dormant accounts and corresponding outreach should be a top priority to minimize escheatment. Note: Prior to converting customer data into the acquiring bank’s systems, it is critical to make sure that a) a copy of the original information is preserved for record keeping purposes and b) that the account owner information transferred accurately (in particular the date of the owner’s last activity on the account). Oftentimes the date of the conversion overrides the date of last activity and becomes the date recorded.
And lastly, the banking industry has seen a pronounced trend of reduced dormancy periods for banking property types such as savings and checking accounts. Since 2003, the number of states that operate under a three-year dormancy period for most banking properties has increased by 90%. This trend of reduced dormancy periods results in a shorter timeframe for banks to confirm owner activity, locate and communicate with customers that may appear to be dormant and perform due diligence to prevent escheatment.
The Lone Star State Specifics
Since 2007, approximately $1 billion of unclaimed property has been returned by the Texas Comptroller.1 Texas has prioritized unclaimed property as a top business initiative and has implemented programs to return lost assets to its citizens.
Banks which are domiciled in Texas or which have a reporting obligation to Texas must be aware of report deadlines, the required banking property types to report, and statutory dormancy periods, in addition to the multitude of state-specific requirements.
Below is a brief listing of requirements for banks with a reporting obligation to Texas:
- Unclaimed property reports are due to the Texas Comptroller of Public Accounts on July 1. The cut-off date for banks to submit unclaimed property reports is March 1.
- The most common property types for banks to monitor are checking accounts and savings accounts. The dormancy period for these types of accounts is three years.
- Banks are required to retain records for 10 reporting years after the date on which the property became reportable, including the supporting documentation.
- Negative reports (which are reports that must be filed if no reportable property exists) are not required in Texas and should not be submitted.
Those responsible for filing unclaimed property reports should reference Texas’ Unclaimed Property Reporting Instructions for complete information.
Banking Best Practices
Banks both large and small can begin the path to compliance by performing an initial self-review to identify areas of potential exposure for current and past due property. Following an assessment of your bank’s current filing status and past reporting practices, you should:
- Link accounts together and encourage online account monitoring – If your bank offers online banking, it is a best practice to ensure that all of a customer’s accounts are linked together so activity can be assessed holistically.
- Conduct proactive searches – It is essential to use all of the available search resources to reconnect with owners such as electronic search programs, credit bureaus, real estate records, and phone records.
- Act early and prioritize outreach based on dormancy periods – With a large volume of inactive accounts and limited time for owner location and reactivation, it is important to develop a formal knowledge of this population so you can start communication efforts quickly.
- Send multiple notifications using a variety of communication tactics – Using varied communication techniques and changing the appearance of each communication will also accelerate and increase overall response, as will customizing the specific details of the communication to the customer’s unique situation.
- Continuously educate customers and employees – Whether it is on the web or printed on statement inserts, educating customers about the need to keep their accounts active is a worthwhile endeavor.
- Conduct periodic reviews performed by an independent unclaimed property specialist – While no one knows your business processes better than you, an independent specialist can often identify and detect potential gaps and risks in compliance. The comfort of reaffirming that compliance is being met and the procedures are working as stated is well worth the effort as well.
When managed properly, banks can safeguard their customer accounts from escheatment and prevent costly audits. Through the strategic implementation of internal policies and procedures or with the help of an experienced partner, your bank can directly increase asset retention and customer relationships while simultaneously minimizing escheatment and reducing the encountered compliance challenges.
Valerie Jundt is Managing Director of Keane’s National Consulting & Advisory Services. For more information on Keane’s services to the banking industry, please visit www.KeaneUP.com
1 Aldridge, J. (2013) Texas Returns $1 billion in unclaimed property. San Antonio Business Journal. Retrieved from http://www.bizjournals.com/sanantonio/news/2013/07/10/texas-returns-1-billion-in-unclaimed.html
On Wednesday, September 24 at 2 p.m., IBAT Services will host a webinar showcasing IBAT’s newest endorsed product - WatchDOG Social Compliance.
Learn more about the evolving customer communication puzzle that comes with Facebook messages, tweets, blog posts, text messages and video. Ensure your bank is communicating effectively, as well as complying, through social media channels.
Registration is now open for the 60 minute webinar.
Staff contact: Gordon Moore, email@example.com, 512-275-2245
The best bank boards are always looking down the road in an attempt to improve and modernize their institutions to better serve their communities. In a recent article featured in IBAT's magazine, S. Scott MacDonald, Ph.D., of the Southwest Graduate School of Banking (SWGSB), outlined the questions that should be on every board member's mind, including:
- How do we prepare for changing economic conditions?
- What are the essential elements of a superior balance sheet?
- How do we build and maintain a strong management team?
- How will new regulatory and compliance requirements affect the bank?
- What do new consumer technology trends mean for the future of banking relationships?
- How do we control noninterest expense and generate noninterest income?
These and other questions will be explored in earnest at the upcoming Certified Community Bank Director Program (CCBD®) on October 31-November 1. Registration is now open. We look forward to seeing you in Dallas in October.
Staff contact: Julie Courtney, firstname.lastname@example.org, 512-275-2227
Testifying before Congress last week, America's top banking regulators expressed their support and agency efforts for mitigating costly and time-consuming regulations for community banks.
Federal Reserve Governor Daniel Tarullo said his agency is considering policies that could exclude community banks, such as the Volcker rule and incentive-based compensation requirement. He also said the agency is recalibrating its community bank examination process.
Comptroller of the Currency Thomas Curry told the committee that his agency works to tailor its supervisory programs to bank risk and complexity and listens to community bank concerns with its rulemakings. He cited rules on lending limits and capital.
FDIC Chairman Martin Gruenberg cited his agency’s research of community banks and pledged a continued commitment to research and analysis on community banking issues.
IBAT and ICBA have worked tirelessly to advocate the need for federal agencies to consider the impact and applicability of existing and new regulations on community banks.
"It is heartening to hear that our message that a one-size-fits-all regulatory approach doesn't work is finally resonating with the agencies," said IBAT President and CEO Chris Williston. "I sincerely hope we soon see evidence that banking regulators are carefully considering every regulation and its applicability to financial institutions consistent with risk profile and their banking practices."
Staff contact: Chris Williston, email@example.com, 512-474-6889
A rule recently proposed by the Financial Crimes Enforcement Network (FinCEN) would require financial institutions to identify beneficial owners who own, directly or indirectly, 25% or more of a legal entity. Last week, IBAT submitted a comment letter to FinCEN registering opposition to this further expansion of customer due diligence requirements. The letter detailed a number of complex legal questions that arise from the proposal, as well as IBAT’s belief that it would add to the significant regulatory burden already faced by community banks.
IBAT encourages every financial institution in Texas to use our letter as a guide in drafting and submitting comment letters to FinCEN on this unnecessary, expensive and time-consuming regulatory expansion.
“As a community banking trade association in a border state, we are sensitive to the need for customer due diligence in opening and maintaining accounts,” said Chris Williston, IBAT President and CEO. "However, a balance must exist between regulatory need and regulatory cost that doesn’t exist in the proposed rules.”
Staff contact: Shannon Phillips, firstname.lastname@example.org, 512-275-2221
The month of October has been designated as National Cybersecurity Awareness month, a component of the Department of Homeland Security’s Stop.Think.Connect.™ Campaign. During October IBAT members are encouraged to promote greater awareness of everyday cybersecurity threats among their employees and customers. To do so, a number of resources are available here, including:
"The bad guys are good, and getting better at what they do", said Chris Williston, IBAT President and CEO. "It is incumbent upon all of us to take appropriate steps to address this growing threat to our institutions and our customers."
Most everyone, by now, has heard about Janet Yellen’s dashboard; that amalgamation of labor-related statistics and measurements that she uses to gauge the vitality of the job market. This week, accompanied by much hoopla, the Fed announced that it was coming out with a shiny new version of Janet’s dashboard; this time with a bigger screen. A bigger screen! Market participants are hopeful that this expanded viewing perspective will give policy makers a clearer picture of how they’re doing. Unfortunately, one of the first of the bigger images was a bigger than expected jump in Initial Jobless Claims.
The September edition of IBAT’s Consumer Tips is now available to download. This month’s issue includes information on how you can help seniors in your family and community avoid being victims of fraud and details some of the most common tactics used by criminals to defraud seniors.
Click here to download the article. As always, IBAT’s consumer tips article will be distributed to weekly newspapers around the state of Texas. If you would like a customizable edition of the tips to share with your customers or for distribution to your local paper, please contact Christopher Williston.
Staff contact: Christopher Williston, email@example.com, 512-275-2208
The Economic Growth and Regulatory Paperwork Reduction Act of 1996 (EGRPRA) requires that the FFIEC, OCC, FDIC and the Fed review regulations at least once every 10 years. The purpose of this review is to identify outdated, unnecessary or unduly burdensome regulations and consider how to reduce regulatory burden on insured depository institutions while, at the same time, ensuring their safety and soundness and the safety and soundness of the financial system. The second EGRPRA review is underway, and IBAT commented on some of the regulations currently under review. These comments address Change in Bank Control (Reg. Y), Appraisal Rules and Availability of Funds and Collection of Checks (Reg. CC). The final report from the first EGRPRA review was submitted to the Congress in 2007.
Staff contact: Shannon Phillips, firstname.lastname@example.org, 512-275-2221
The IBAT Board recently endorsed Glenn Hegar in his race for Comptroller of Public Accounts. The Hegar campaign announced the endorsement in a press release last week. Additionally, the IBAT PAC has contributed financially to his campaign.
As included in the release, "IBAT is pleased to endorse Glenn Hegar for the critically important position of Comptroller of Public Accounts,” said Steve Scurlock, executive vice president of IBAT. "We have had the pleasure of working with Glenn in both the Texas House and Senate, and have also observed his leadership on a variety of difficult issues over the years. He is forthright, smart, articulate and willing to work to find solutions to move Texas forward. He is a good man, and we have no doubt he will make an outstanding comptroller."
“Job creation and innovation has put Texas on the map,” Hegar added. “The community banking industry is a vital part of our state’s economy and provides many of our small business owners in Texas the resources they need to expand their businesses. I am honored to have their endorsement and look forward to working with them as the next comptroller.”
Staff contact: Steve Scurlock, email@example.com, 512-275-2226
By Bruce Zaret, Carolyn Bremer, James Mihills and Neha Patel
In February 1999, the movie “Office Space” portrayed a comedic tale of company workers who hate their jobs and decide to rebel against their boss. The workers band together to alter the company’s accounting application and route small amounts to a bank account they control. The film demonstrated that employees committing the fraud were “average Joes” who found a way to circumvent the system.
In June 2014, a former officer with a Texas financial institution was ordered to federal prison for defrauding her former employer. Using her position as branch manager from 1998 to 2010, the bank officer used the names and personal information of several individuals, without their permission, to create more than 58 fictitious loans. She was able to defraud the bank of approximately $2.4 million.
Who were the “suspects” in each of the instances above? They were long-term employees familiar with the processes, who understood where the internal control weaknesses existed. Employee fraud, or occupational fraud, according to the Association of Certified Fraud Examiners (ACFE), is “using one’s occupation for personal enrichment through the deliberate misuse or misapplication of the organization’s resources or assets.”
With banks heavily regulated, they tend to have more internal controls than most industries. Yet, banking has the highest incidences of occupational fraud. When considering the enormous number of internal controls banks require, individuals may think it is difficult to commit internal fraud. Add to the equation that a bank’s internal controls are reviewed by regulators, internal auditors and financial statement auditors and it leads one to question, “How can fraud exist after all these highly-skilled professionals have reviewed the bank’s internal controls?”
But aren’t these trusted employees?
Overwhelming data supports that internal controls alone are not enough to prevent and/or detect fraud. While internal controls only provide reasonable assurance, any control can be overridden or circumvented by people with the right knowledge and motivation.
Research also supports that internal fraud is often committed by long-term employees who are faithful and dedicated to their organization. These are often the individuals no one suspects.
Motivation for long-term employees to commit fraud includes: (a) feeling unfairly treated, (b) having been emotionally hurt by a colleague with the desire to seek revenge, (c) having financial difficulties which cause added stress, or (d) just because they can.
Where to start: fraud identification, prevention and detection
Most banks are probably burned out on conducting risk assessments. Be of good cheer because the following is not a typical risk assessment. Here, bank management can put on their sleuth hats and get creative. The objective is to start by looking at various areas of the bank and identifying scenarios or possible fraud schemes. These represent the risks. Although the risks seldom focus on trusted, long-term employees, these employees tend be in the best position to manipulate or work around the system. Because of their tenure, they can often give instructions and not be questioned. This is why they represent a greater occupational fraud risk.
Things to consider when evaluating internal fraud schemes or “red flags”:
- Management compensation is closely tied to company value, profitability or key performance indicators.
- Management team is dominated by a single person or small group.
- Employees are permitted to set up GL accounts and/or post journal entries without oversight.
- Employees regularly override controls, such as having the ability to process transactions without following established protocols.
- Employees have broad access to multiple applications and physical locations without oversight or monitoring.
- Employees have been in the same role for a number of years and their duties are not performed when they go on vacation.
The following depicts common internal fraud schemes committed by long-term employees along with possible controls to mitigate the fraud risk:
Areas Typically Vulnerable
Common Fraud Scheme
(Prevent / Detect)
· Taking cash from a teller drawer or vault over a period of time and adjusting reconciliation to cover
· Surprise cash audits
· Review over/short account activity and reconciling items
· Creating fictitious loans with the ability to disburse funds
· Advancing funds to self or related party on an existing customer loan
· Funding reviewed by an independent employee
· Review past due reports by loan officers and management
· Automatic mailing of past due notices by third party
· Processing of a fraudulent wire from a customer account
· System parameters requiring two employees to process and release wires
· Callbacks performed by one employee, separate from the employee receiving the wire request
· Daily reconciliation of correspondent bank/wire clearing accounts by an independent person
· Creating a fictitious vendor to receive disbursements
· Change address for funds diversion
· Review system-generated vendor maintenance reports by an independent employee
· Provide system-generated check register to officer signing checks to verify all disbursements are included
Information technology considerations
Information technology controls specific to fraud prevention and detection include:
· Restrict system access by limiting the ability to authorize, approve and override transactions to the fewest number of individuals who require the function for their job responsibilities.
· Develop segregated roles in the system. This will prevent an individual from being able to bypass controls built into the system/application. Separate any one user’s ability to initiate and approve (or override) within the system.
· Use application controls. Some systems have automated controls that can be configured to require a second approval before proceeding, or triggering a supervisor approval for transactions above established thresholds.
· Review the setup of new clients, vendors, employees. A monthly or quarterly review of newly established master data files will help organizations identify if something requires further follow up.
· Perform data analytics over specific transactions. This may include transactions that are initiated outside of normal business hours; or by individuals who do not typically perform a function.
· Establish logs and actively review for specific events; those activities that relate to abnormal events, like overriding a step/approval.
The following can help bank management in developing a fraud risk mitigation strategy:
- Establish written guidelines for ethics and codes of conduct. Ensure employees receive fraud and ethics training at least annually. This helps management and board communicate expectations and establish a strong tone from the top.
- Establish an employee hotline to report suspicious activity to the audit committee or to another independent party.
- Perform reconciliation of key balance sheet and internal DDA accounts (including secondary review). This aids in detecting suspicious transactions.
- Conduct targeted internal audits by independent, qualified employees or by a third party.
- Require mandatory five-day vacations annually, with monitoring conducted by Human Resources.
- Periodically rotate assignments of routine duties.
- Be aware of “red flags” such as employees living beyond their means, experiencing financial difficulties, having a close association with a vendor (potential kickbacks), exhibiting control issues, displaying a reckless attitude with money, or experiencing a major life event such as divorce, major illness or addiction problems.
How to handle those “unusual suspects”
Fraud is increasing at a dramatic rate and most banks are not aware of the risk until an event occurs. The risk is often compounded by human nature to trust, especially tenured employees. A good rule of thumb to consider is the adage President Reagan used: “Trust, but verify.”
Fraud risk can be mitigated by developing a culture of fraud awareness coupled with employee training, and establishing appropriate internal and technology controls. If someone becomes suspicious or aware of employee fraud, a qualified forensics professional should be used to confirm whether or not fraud has occurred, and to ensure a proper protocol is followed to gather evidence for legal proceedings. Fraud investigations require certain expertise and skills, and the bank should ensure those performing investigations possess the proper forensic training and credentials.
A 2014 Report to the Nations from the ACFE indicates:
- Banking and financial services was the industry group with the highest reported fraud cases at 17.8%.
- For the cases reported, the median duration from the time the fraud commenced until it was detected was 18 months.
- The median fraud loss was $145,000, with 22% of the cases having losses of at least $1 million.
- More than 40% of fraud cases were detected by a tip – twice the rate of any other detection method. Employees accounted for nearly half of all tips.
Organizations with hotlines were much more likely to identify fraud by a tip. These organizations experienced frauds that were 41% less costly and detected frauds 50% more quickly.
Bruce Zaret, CPA is a partner in financial institutions consulting and advisory services at Weaver, the largest independent accounting firm in the Southwest. Carolyn Bremer, CPA is a senior manager in Weaver’s forensic and litigation services; James Mihills, CPA is a senior manager in Weaver’s financial institutions consulting and Neha Patel, CPA, CISA is a senior manager in Weaver’s IT advisory services. They can be reached at: Bruce: 972.448.9232, Bruce.Zaret@Weaver.com; Carolyn: 972.448.6951, Carolyn.Bremer@Weaver.com; James: 817.882.736, James.Mihills@Weaver.com; and Neha: 972.448.9804, Neha.Patel@Weaver.com.
The Consumer Financial Protection Bureau recently issued its updated small entity compliance guide on international fund transfers. As reported previously, the guide makes note of a temporary extension that allows federally insured financial institutions to estimate third-party fees and exchange rates when providing remittance transfer disclosures to account holders when exact amounts cannot be determined. It also clarifies other aspects of the rule, including:
- The treatment of faxes and certain written or electronic communications from a sender to the provider.
- Disclosure of website addresses other than the Bureau’s main website address that a provider may list on consumer receipts (including websites in foreign languages).
- Delays due to investigations required by fraud screening procedures, or BSA, OFAC or similar laws.
- Amount appropriate to resolve an error for the failure to make funds available by the date of availability.
Additionally, the CFPB released an updated guide on the TILA-RESPA integrated disclosures and an updated guide to the loan estimate and closing disclosure forms.
Staff contact: Shannon Phillips, firstname.lastname@example.org, 512-275-2221
The 2015 ICBA Convention will be held at the Gaylord Palms Resort & Convention Center in Kissimmee Florida, March 1-5. IBAT is pleased to offer to you and your directors a Post-Convention Program in Paradise Island, Bahamas – March 5-7.
Registration and room block are now open for this event, which will feature two educational sessions facilitated by consultants familiar to Texas community bankers.