Staunch security key as fraud perils increase; repetitive transfers tops safety precaution list for mortgage bankers.

Poor hedging strategies and sky-rocketing interest rates aside, one of the biggest reasons mortgage banks lose money each year is through treasury fraud. Some analysts believe banking industry losses from treasury fraud exceed $500 million each year and more than $10 billion losses already booked are attributable to treasury fraud.

And with the advances in technology occurring faster than lenders can count them, the opportunities for fraud have grown over the last few years, particularly new schemes being developed that threaten secondary marketing and loan servicing operations.

Kevin Crichton is keeping an eye out for these schemes. As overseer for the Arbor National Mortgage Corp.'s corporate treasury department, he is cautious of the effects of new technologies, such as sophisticated computers and color copiers that can easily duplicate corporate checks. One recent incident sticks in Crichton's mind.

"There were a string of fraudulent checks last year that Involved a chain of Northeastern mortgage banks that weren't using positive pay-type transaction services," he said. "They weren't using controlled disbursement accounts, and also had loose security on their corporate checks, and a lot of the money center banks got burned for millions on that chain."

Crichton said following that incident, Arbor got calls from some of its mortgage banking neighbors - including Natwest and Chase Manhattan - that were curious as to whether Arbor had been burned. "We told them ~no,' and talked to them about some of the preventative things they could do."

Crichton, who has been in mortgage banking for more than 10 years, has served as treasurer with Travelers Mortgage - which is now GE Capital - from 1976 into the late 1980s.

In 1991, he became senior vice president and treasurer of Arbor National, a publicity held mortgage bank based in Westbury, N.Y. Now in charge of Arbor's corporate treasury, as well as its loan administration and servicing departments, Crichton's expertise in preventive measures that deter fraud has been called upon by the Mortgage Bankers Association during the last two MBA-sponsored financial management conferences, most recently in Boston May 16 to 18.

Crichton said the nature of the mortgage banking business creates many potential dangers. "There is a lot of cash moving back and forth, and a company's annual sales report doesn't paint an adequate picture of just how much is done between [lenders] and third-party companies," he said.

"For every one retail transaction, there are literally a half-dozen subsequent cash transactions, including inflowing cash flow from customers, check disbursements and servicing of secondary market functions."

Arbor constantly reviews it transaction accounts, including the often exacting task of reconciling its sometimes voluminous operating accounts on a daily basis. That task is a critical function that some lenders - who may be lining themselves up for potential problems - perform only on a weekly, or even monthly basis instead.

Another - and one of the best - precaution lenders can use in secondary marketing is through repetitive transfers. A repetitive transfer system - Arbor calls its system "Positive Pay," other banks call it "Match Pay" - is a computer-driven system that automates most transactions between a bank and its customers.

Crichton said while most mortgage banks already use this kind of system - many still don't.

"We consolidate the cash administrative flows, disbursement deposits for loan administration, as well as secondary market flows through [our] corporate treasury department," Crichton said. "We view external and agency shipping [securitization], and all the daily reconciliation and disbursements. By controlling cash flows and watching our operations closely, we decrease likelihood of fraud in [our] cash management operations."

Those risks can be diminished by enforcing precautionary measures, including limiting employee access to various functions - i.e. disbursements of checks, automated cash handling and direct deposit accounts.

"Physical security is also key," Crichton said. "Limiting access to card key access locks, check-signing machines, personal computers and secured rooms, win help reduce risks. We don't allow the sharing of passwords and actually change them every 39 days.

"We also limit the number of people who may borrow or trade for our hedging portfolio," he said. "There's only two or three [people] authorized to perform those functions. For instance, our secondary marketing employee can only trade mortgage-backed securities, he cannot borrow or invest."

For reprint and licensing requests for this article, click here.
MORE FROM AMERICAN BANKER