Ask the Experts: Risk Management
In this series, we take a look at the inner workings of the Credit Union and meet some of the champions who help our members in every facet of their financial lives. This month, we met up with expert Rachel Nguyen, who leads her team in detecting and preventing fraud to protect our membership.
Rachel is a 26-year resident of The City of Brotherly Love. She attended Olney High School and is a Pennsylvania State University alumni. She began her career as an IT professional with a utility company, where she held various positions over a nine-year tenure.
Rachel then served ten years in the financials and mortgage industry, where she held multiple leadership roles and was responsible for overseeing and leading audit, compliance-related engagements, processing improvement initiatives, and vendor risk management. Her primary areas of expertise include risk management, leadership and organizational development, vendor risk management, IS audit and controls assessment.
In February 2019, Rachel joined American Heritage Credit Union as the Vice President of Compliance and Risk. She oversees the Risk, Compliance, Bank Secrecy, Business Continuity Planning, and Fraud Investigation functions within the Enterprise Risk Management (ERM) department. One of her primary responsibilities is ensuring appropriate management of a broad array of uncertainties (threats, risks and opportunities) surrounding the achievement of the credit union’s mission, which is to serve its members and enhances their lives and the communities.
Fraud is one of the biggest risks to financial institutions and their members. Ranging from unauthorized account access to identity theft, fraud can devastate the lives of its victims. Because of this, fraud prevention teams work tirelessly to investigate suspicious activity and identify those responsible.
What are some of the most common types of fraud that consumers are experiencing?
Members are experiencing Phishing and Texting Scams. They are responding to phishing emails, texts and computer pop-ups. These seem to be most prevalent. They are also experiencing loan fraud scams in which they are offered a “loan”, which the member is “required” to pay the loan back immediately in order to establish better credit or repair their credit. The check ultimately turns out to be a fraudulent check deposited into their account by scammers. Scammers often require payment through a CashApp or similar payment process. When funds are sent via CashApp, they are not insured by the FDIC and funds often cannot be retrieved. It is literally like sending cash in the mail.
Not all scams target your bank account directly. Some scammers try and get sensitive information out of their victims, such as answers to security questions, to perform a takeover and lock you out of multiple accounts. This is why it is important to be aware of current scamming trends and to not reuse passwords.
What are some easy ways members can reduce the risk of fraud on their accounts?
Remember that is something is too good to be true, it probably is. Always be suspicious if someone asks for your account number, login information or offers to do something in your account. Do not ever allow anyone to access your account, even if they say it is to assist you. If you receive a call or email, do not respond to it. Only call back a verified number for the business. Never carry your password or account numbers with you.
One of the easiest ways to protect yourself is by being aware of the content you open and share online. Follow these simple rules for best results:
- Don’t open email attachments that you aren’t expecting
- Don’t open, reply, or forward suspicious emails
- Don’t click links that lead to unknown sites
- Don’t provide personal or financial information over email
- Don’t share passwords
- Don’t mass-forward emails
The Federal Trade Commission’s guide for avoiding and reporting scams can help you take the proper steps if you've been a victim of fraud.
For businesses owners, what are some cybersecurity risks they must confront? What impact does cybersecurity, or the lack thereof, have on a company or family’s finances and accounts?
One of the biggest cybersecurity risks they confront is malware through email. The Target breach was started by a simple email. An employee opened the malicious email and the virus infected the system. This turned into potentially 70 million affected cards. It is suggested that you keep your security software updated to protect against evolving threats. You should also limit control of internal systems to only those who require access. If an employee accidentally opens an infected email, the virus may be limited to systems they have access to. If the employee has full access, then the virus could spread to the entire system. Often these funds cannot be retrieved. The monetary loss is only one aspect to consider. There is also time loss, reputational loss, and more.
If you suspect you have been a victim of fraud, please contact us at 215.969.0777 or click here to learn more about protecting your account. To report a lost or stolen Debit Card, ATM Card, or Credit Card, call 800.991.4965.