Printer Friendly

Security with interest.

SECURITY WITH INTEREST

ROBBERY. CHECK kiting. white-colar crime. These are some of the security threats David McGough, CPP, faces in his job for Nashville-based First American Corporation, Tennessee's largest bank.

Personal computers (PCs). Kite detection systems. Software programs. These are some of the security tools McGough uses to fight these threats in today's corporate environment. According to McGough, who is vice president and corporate manager of bank protection, security at a bank today has to be a streamlined operation. "Saving money and personnel while still having an effective program is essential to survival," he states. "We have to work smarter, and computers are one way to do it."

First American Corporation, a multibank holding company that was incorporated in 1968, currently operates 150 banking offices, primarily in Tennessee, and has $7.2 billion in total assets. The total security staff for First American consists of nine people, including McGough. "In today's economic environment you must not be overstaffed. Because of the cost-conscious world we live in, we have to be aware of our staff. We already operate on a bare bones basis and are as efficient as bigger security operations," he says.

The nine-person force - which consists of McGough, a manager, area security representatives, investigators, clerical staff, and staff that transport funds - operates from a central location in Nashville. "Part of our working philosophy is that we don't stay in our office," McGough explains. "We are always out on the road, training and working with employees at different bank locations to stop security problems before they happen. We like to be proactive, not reactive."

This small security staff also supplements its personnel power by using the resources of other departments of the bank. Members of the staff work closely with the auditing group, credit review personnel, and the legal section on internal investigations to stop potential frauds and uncover those that have already occurred.

One of the major tools used by this security department is the computer. "We are PC driven," notes McGough. "We use very few people, but computers are everywhere." For example, computers are used to fight one major fraud, check kiting, which is taking advantage of uncleared checks to inflate an account balance artificially. When McGough came to First American three years ago, he helped set up a computer program called the Kite Detection System (KDS). First American banks have millions and millions of checks coming through their computers each year. To help detect potential kiting schemes, McGough and his security department purchased a software package to function on their host computer. The software package examines parameters such as number of deposits, dates of withdrawal, and dollars in float. If the checks match some of these parameters, they will show up on the printout of questionable accounts the software program generates each day.

"That program has saved us approximately $2 million over the last two or three years," McGough explains. "And, it has not cost us much in personnel because we let the technology work for us." After a potential kite scheme is discovered, the security department calls the bank in question and the account officer, and the account is shut down if necessary. According to McGough, "We've not lost one dime through a kite since I have been here."

In addition to KDS, the security department uses a reporting system tied to the computer that prints out on a daily, weekly, and monthly basis. The system charts all the corporation's losses by robberies and fraud according to

* day of the week;

* age of the robber;

* time of day;

* the month; and

* miscellaneous statistics such as disguises worn or not worn, weapons shown or not shown, male or female, Caucasian or other, and abusive or nonabusive. (See Exhibit 1.)

"We chart all our robbery and fraud losses as well so we can tell exactly where to put our resources - who needs the most camera coverage and which bank's employees need more training," McGough explains. In addition to the breakdown on robbery and fraud statistics, the security department generates a monthly report that lists the type of loss, the charged-off dollar amount, the recovered dollar amount, and the net loss and compares the figures to year-to-date figures (see Exhibit 2).

On the bottom of the list, the report shows potential losses and the amount of money the security department has saved First American through either the KDS report or fraud prevention programs. As McGough says, it helps to show that security is saving the corporation money.

IN ADDITION TO KITE DETECTION AND robbery prevention, McGough's corporate security services cover policies, procedures, and planning; physical security; fraud investigations; defalcation (embezzling) investigations; and security training. Being successful in these endeavors is crucial.

Developing policies and procedures was the first step of McGough's plan for First American's security when he arrived. With the help of his staff, he developed a policies and procedures manual that is given to each banking facility and office. It covers everything about the security program, such as procedures to follow in case of a robbery, fraud, or kidnapping and extortion and a guide to training employees in security awareness. The manual works as a kind of condensed security program.

Included in the manual is a crisis management program that is followed in case of an emergency. The manual lists emergency phone numbers and who to contact, if necessary, at the FBI, police department, and insurance carrier.

Physically security of the banks is mandated by the Bank Protection Act of 1968. The act covers certain standards the bank must maintain to make sure all equipment is operating properly and tested regularly. First American uses both closed-circuit television (CCTV) and still cameras both inside the facilities and at its more than 125 automatic teller machines (ATMs). The still cameras are used to take pictures of each transaction at the ATMs. McGough says, "We don't have a lot of problems with crime at our ATMs. We have good lighting, and we make sure the ATM is in a safe location. If it is in a more dangerous area, like some parts of Nashville, we put more money into protecting it."

The Nashville building that houses security and the corporation's computer center is protected by an access control system. Employees are issued access cards and must use personal identification numbers (PINs) to enter the main facility and individual departments within the facility. The computer facility within the building has another set of access control functions built in, and employees who operate PCs have passwords that allow them into only specified parts of the system. The different facilities within the building are monitored by CCTV cameras to further ensure access control.

Another part of First American's physical security program is a proposed proprietary alarm network for all facilities. "It will be a real state-of-the-art system," McGough notes. "I will be able to call up activity in any location in the corporation on my terminal."

McGough figures the proprietary move is advantageous financially because central station monitoring versus costs of guards could translate to a substantial savings for First American. Though the cost of the new system is higher than the present cost of the alarm network (including line costs, service contracts, and monitoring fees), factoring in amortization and depreciation schedules, the corporation would come out ahead.

For the future, McGough hopes to expand into biometrics. "I would like to use biometrics in critical areas like wire transfer," he says, "where billions of dollars are handled on an annual basis." Employees working in these departments would submit to biometrics such as retinal pattern matching. McGough even envisions retinal scanning being used at ATMs to verify customers' identities.

ONE OF THE BIGGEST PROBLEMS McGough and his team face is fraud prevention and investigations. McGough divides this responsibility into fraud investigations, or external fraud, and defalcations, or internal fraud. External fraud includes check fraud and credit card fraud.

"The credit card function itself has been transferred out of my department to the credit card retail division," notes McGough. "We still handle bank cards used in the ATMs." There are many ways to defraud a bank through a credit card, such as giving a fraudulent name and address. In addition, criminals can abuse others' credit cards by scams, such as calling someone up and saying, "You have won a free trip; give me your credit card number."

"Unfortunately, the bank experiences quite a loss due to credit card fraud since consumers have a responsibility for only a certain amount if their credit cards are stolen or abused," McGough explains. "The bank has to cover the rest."

The security staff at First American fights internal fraud, or defalcation, by preemployment screening and by having a reward program for employees who give information concerning fraud cases. The bank is required by law to make sure anyone it hires has not been accused of a breach of trust crime. To comply with that law, the bank fingerprints all employees and runs the fingerprints through and FBI check.

In addition, the staff does a credit check on all prospective employees in addition to a written preemployment screening test. "Credit is a mirror on your personal life," McGough explains. "It shows how you manage yourself. Of course, a credit check also shows if someone is in dire need of money and thus might be tempted to indulge in some white-collar crime." The testing can involve honesty testing and, for certain sensitive positions, integrity interviewing.

McGough notes that despite all the preemployment procedures at his disposal, internal fraud continues to be a significant problem. "Often stealing money from a corporation comes down to your own sense of morals. For some people, needing the cash means it is OK to steal the cash," he says. "We have hired people with magnificent reputations, and they have defrauded us when something in their life goes wrong - they develop an alcohol or gambling problem. Ten years before they were happy; today they're stealing to cover their problems."

Another deterrent to fraud is a reward program for information on internal theft. For example, bank tellers are given a reward for stopping a fraudulent item. "This reward program is another example of working smarter with less personnel. Why have 50 guards when you have a good operational access system? Why have a huge investigative team when your employees can do some of the footwork for you? If you use everything available on the market today and incorporate some innovative programs, you can work effectively with a lot less resources," McGough says.

Once fraud is uncovered, the security department reports to the corporation's audit group, and the auditors assist security people in reviewing the evidence and seeing if there has been a violation of internal policies and procedures. At that point, the security department may meet with the individual, present him or her with the evidence, and interview him or her to obtain a confession. All offenders are prosecuted, without exception. McGough notes, "It's not hard to get a confession from white-collar criminals; they are not hardened criminals so they break down pretty easily. It's getting the evidence to show them that is difficult.

"It's not like a manufacturing plant, where if an individual steals five tons of copper, he or she has five tons of copper. Here, we have to pull records, go through printouts, and figure out how someone did it. Fraud investigation is really a game of wits, and it's all played out on paper."

Internal fraud is McGough's biggest problem in the bank and one he attributes to a general decline of mores in society. "I have been in banking 17 years now, and in the last 10 years, white-collar crime has shown an increase. In the last five years, it's shown an outstanding increase. In the last three, it has shown a phenomenal increase - I mean it has skyrocketed."

IN MCGOUGH'S OPINION, HIS LAST area of security responsibility - security training - has slowed that increase down a little for First American, both because those likely to steal are shown the ramifications of getting caught and because those working with the cash are better trained to spot fraud. The corporation has more than 4,000 employees - and McGough and his staff are constantly on the go to various banking offices to train them.

"We have already trained 1,900 people so far this year," McGough explains. "We average around 1,500 to 1,800 per year." The training involves robbery prevention and how to respond to a robbery, fraud prevention and how to uncover and report fraud, and kidnapping and extortion prevention and how to respond if you are a kidnapping or extortion victim.

Extortion is a problem for bank employees because there is a common perception that if you work for a bank you must have money. "For example," McGough relates, "we had someone come in and notice a female employee sitting at a desk in the bank. He saw her nameplate and called later, asked for her, and told her to get $10,000 from the teller because he had taken her child from day care. We have had three threats like that already this year."

The training program also includes in-house videos the security department has made. For example, a teller may receive a couple of hours of training by someone from the security staff and then receive, perhaps through a video, training on what to do before, during, and after a robbery. The teller may be asked to read the policies and procedures manual, and when he or she gets to the workplace, he or she is given more specific training about the job.

The teller will be trained again on security matters by McGough or his staff on at least a semiannual basis onsite. This training will include how the security equipment works, how to use the alarms, and how to employ general security procedures. These would include robbery instruction that covers making sure the dollar amounts are down low so robbers won't get much if the teller is robbed and making sure the equipment works properly so a picture can be taken. There is also a dye pack that goes in with some of the cash, and tellers would be trained on when to include those. "However," McGough notes, "robbers are getting smarter. Sometimes they leap over the counter and pick out the money that doesn't have the dye pack.

"I think training is the strongest part of our security program. We constantly review and monitor the training videos and are always out on the road training, training, training. There is turnover, of course, so we go back and retrain."

McGough and his security staff use all the devices and technology available today to fight fraud and robbery. Using training, motivational systems like rewards, and other department's resources helps fight the battle against loss too. As McGough sees it, acquisitions and mergers have changed the outlook for today's security manager. "The financial climate has taken those of us who were perhaps not business managers before and made us business managers, not security people. If you can't meet that mold, you are history. It's just that simple."

"Everything I do I justify - whether it is staff salaries, three new PCs, or whatever. To survive in today's climate, you must provide the service and know how to do it efficiently. I feel that is what I do the most effectively, and I think it is the wave of the future for all security managers."

PHOTO : First American's corporate service center houses its computer facility. The building's extensive access control system requires employees to use cards and PINs and pass other security checkpoints to gain access.

PHOTO : Exhibit 1 Examples of Robbery Statistics

PHOTO : Exhibit 2 Report on Losses

About the Author . . . Terry Abrams is senior editor/writer at Security Management.
COPYRIGHT 1989 American Society for Industrial Security
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1989 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Title Annotation:security at First American Corp.
Author:Abrams, Terry
Publication:Security Management
Date:Sep 1, 1989
Words:2639
Previous Article:Securing Tennessee treasures.
Next Article:Foreseeing one's duty to protect.
Topics:


Related Articles
CVB Financial Corp. reports record first quarter earnings.
CIBC Wood Gundy Securities Corp. Hires Joseph R. Liro as Chief Economist.
CVB Financial Corp. reports record earnings.
Pending revisions to Articles 8 and 9 of the Florida UCC: an opportunity for Florida to merge onto the information superhighway.
First American Reports 21 Percent Increase in Third Quarter Operating Earnings and Declares Dividend.
CVB Financial Reports Record Earnings.
IN BRIEF.
CVB Financial Corp. Reports First Quarter Earnings.

Terms of use | Copyright © 2016 Farlex, Inc. | Feedback | For webmasters