Arrest in Major Insider Fraud Case

Expert Questions Why Scheme Not Detected Sooner
Arrest in Major Insider Fraud Case

A major insider fraud scheme at a community-based credit union should never have flown under the radar of banking regulators, one fraud-fighting expert says. Had the actions of this executive been reviewed, this scheme would have quickly been detected, the expert contends.

See Also: Free Cybersecurity Awareness Kit

Last week, authorities arrested Alex R. Spirikaitis, the former president and CEO of the now liquidated $23.6 million credit Taupa Lithuanian Credit Union in Cleveland, after the Federal Bureau of Investigation listed him as a fugitive on the FBI's "most wanted" list. In July, the Northern District of Ohio charged Spirikaitis with falsifying documents related to Taupa Lithuanian's financial health.

From December 2011 to July 2013, Spirikaitis, allegedly veiled his theft, which included unaccounted for deposits made to unnamed institutions totaling more than $15 million, investigators say. In fact, it wasn't until the National Credit Union Administration and Ohio's Division of Financial Institutions within the state Department of Commerce took possession of the credit union and its computer systems that the alleged scheme was detected, court records show.

Authorities allege that Spirikaitis physically altered account statements related to deposits made to Corporate One Federal Credit Union, which held correspondent banking accounts for Taupa Lithuanian. Corporate One was Taupa Lithuanian's only correspondent banking institution.

"He printed out numbers he wanted to report to auditors and the NCUA and taped them over the real numbers from the true Corporate One bank account statements," one investigator's affidavit states. "Spirikaitis then photocopied the altered document, resulting in a document that mimicked the appearance of a statement coming directly from Corporate One."

Later on, Spirikaitis used software programs that allowed him to download documents and then alter the fonts on his computer to further conceal his fraud, investigators claim.

In all, more than $15 million in deposits that were supposedly made to other credit unions are believed to have been falsified, a crime regulators and others should have detected much sooner, says Shirley Inscoe, an analyst at financial consultancy Aite Group.

"This story plays out time and again," she says. "Nobody questions a high-level officer of a financial institution, even though they are in a role with tremendous authority and have the ability to do great harm."

More Scrutiny from the Top

Banking institutions' boards of directors, as well as regulators, need to review the performance of senior executives at all institutions more frequently and scrutinize them more closely, Inscoe says.

Al Pascual, a financial fraud analyst with consultancy Javelin Stratety & Research says the NCUA should have raised red flags sooner.

"NCUA began to offer online call reports between 2009 and 2010, which should allow them to more quickly identify problems with CU [credit union]= balance sheets while also facilitating faster remediation by CUs," he says. "While the manual call report process does remain, the fact of the matter is that any assets which a CU claims to have with another depository institution should be easily confirmed by the NCUA. In this case the funds supposedly deposited with Corporate One represented the majority of Taupa Lithuanian CU's capital. In similar situations going forward, regulators would be well served to confirm the availability and location of assets as specified by smaller institutions in their call reports - if not quarterly, then annually, at the least."

NCUA spokesman John Fairbanks says the NCUA is working to enhance its auditing procedures, especially where smaller credit unions are concerned. Staff training on the enhanced exam procedures for small credit unions is underway, he says.

"The exam process is not a fraud exam; but with enhanced procedures, we expect to improve early detection," Fairbanks says. "All staff will be trained on these procedures and they can be applied in all situations where fraud is a concern, but are especially targeted for small institutions."

The NCUA also recently moved to an annual exam cycle, which puts examiners on-site at federal credit unions more frequently, he adds. "This will also help to reduce the size, and possibly detect, fraud earlier," Fairbanks explains.

Pulling Off the Scheme

In December 2011, investigators say Spirikaitis claimed to have deposited just more than $16 million with correspondent credit unions, yet, in reality, only $560,000 was deposited with Corporate One.

To pull off the scheme, Spirikaitis allegedly altered bank account and deposit statements he reported to the NCUA and Corporate One, claiming deposits were being made to other, unnamed, credit unions.

Inscoe says the scheme hinged on Spirikaitis' ability to access information and falsify reports that were not questioned by other employees and board members at the institution.

"I've never seen an FI [financial institution] include high-level executives in any internal fraud [detection] system deployed; those are always geared toward lower-level employees who exist in large numbers, such as tellers, call center representatives, etc.," Inscoe says. "This fraud was largely enabled by technology - he was able to download statements from another credit union, make changes to reflect the balances he wanted to show using software to ensure fonts matched the originals, and then print the revised statements to provide to auditors."

In this case, more review of the falsified documents by other staff would have helped detect the fraud sooner, Inscoe adds. But it appears that the credit union had no dual-controls in place for account access and subsequent deposit reporting with federal regulators, she says.

"The only thing that could have prevented this is old-fashioned dual control - two people who would have had access to the online statements so one could have questioned variations on printed copies," she says. "The changes he made were so significant, it would have been identified immediately had someone else seen the accurate balance figures."


About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cuinfosecurity.com, you agree to our use of cookies.