Presentation on theme: "RMLearningCenter.com Credit Union Risk Management… Is the method of management we use to identify, measure, and control risks that might threaten the."— Presentation transcript:
RMLearningCenter.com Credit Union Risk Management… Is the method of management we use to identify, measure, and control risks that might threaten the international credit union movement, its members, employees, and volunteers! Presented by: CUNA Mutual Benchmarking Team
RMLearningCenter.com Very Good! Lets Review!
RMLearningCenter.com Tips for public speaking: Know your audience wants and interests. Control your topic & promotions Its not only numbers that count Conference breakout vs. fireside chats? Learn from experience, teach by examples! Set the tone and expectations early… Read chapter IV…
RMLearningCenter.com Outline Benefits: Features tell and benefits sell… Encourage audience participation, but Control it! Be honest and admit what you dont know.. Focus on best practices it reinforces good behavior and avoids a focus on negatives that only foster defensive attitudes! Keep it simple and down-to-earth…
RMLearningCenter.com UK CUs are Normal: They dont think it will happen to them.. Theyre prone to ½ life and cynical attitudes that ignore reality. They want to be liked.. Theyre real focus is on family and personal survival.. They prefer to be heard and not told…
RMLearningCenter.com Very Good! Lets Review!
RMLearningCenter.com The benefits from this session are many! Well discuss… Risk Management fundamentals, The status of RM projects in the UK, Fidelity bond risk controls recommended for UK credit unions (To safeguard against Burglaries, Robberies, Frauds, Forgeries, Embezzlements, Scams, Plastic Card Fraud, Liability, etc.) The latest criminal Methods of Operation (MOs) in the UK, and well update your…
RMLearningCenter.com Session Benefits at a Glance – Continued.. Well help you update your RM Strategic Action Plans for… Creating controllable crime scenes, Creating defendable zones, Integrating security systems, and Adopting Crime Prevention Through Environmental Design principles into your facility management program, and…
RMLearningCenter.com Session Benefits at a Glance – Continued.. Well help you update your RM Strategic Action Plans for… Developing Best Practices RM training for employees, staff and volunteers, Developing public-to-private partnerships with law enforcement, fire fighters, emergency government and homeland security personnel, and well introduce 2007 Strategic Action Plans for…
RMLearningCenter.com Session Benefits at a Glance – Continued.. Well introduce 2007 Strategic Action Plans for… Developing a Credit Union Incident Command and Control System in 2007, Deploying an Incident Command and Control at the CU Chapter level, Updating credit union housing-in-place and evacuation protocols! And, Well discuss any risk that threatens the UK credit union movement!
RMLearningCenter.com Session Benefits at a Glance – Continued.. Well use case studies to highlight what the crooks are doing and what we need to do to catch them! For example… Is our credit union and chapter ready for the next natural disaster, terrorist attack, or pandemic? Is our credit union part of any branch banking network? What changes should we have made in your contingency, business continuity, and management succession plans since ?
RMLearningCenter.com Session Benefits at a Glance – Continued.. Well use case studies to highlight what the crooks are doing and what we need to do to catch them! For example… We know crooks are learning to use the internet to recruit and train. Are we? Youll learn how to reverse trace and authenticate transactions, and how to analyze a written statement or internet scam. Youll learn how to manage concentrated risks and exposures to reduce looting, burglaries, robberies, and frauds during and after natural disasters, terrorist attacks, or a pandemic.
RMLearningCenter.com Evolution Of RM and CU Movement - continued 1960s Robbery and burglary 1970s Forgery and check fraud 1980s Embezzlement and disasters 1990s Violence in the workplace »A»Armed robbery, bomb threats and disasters 2000 Electronic commerce 2001 – 2003 Violence in The Workplace! –B–Bomb Threats & Extortion –T–Terrorism, Anthrax Scares, Threat of Biological Warfare –I–Internet Fraud, Scams, Money Laundering and –Criminal Integration
RMLearningCenter.com After there was a quantum shift from proactively management risks to proactive planning to respond to any large scale community or country crisis! Rich Woldt September 11, 2001 … Terrorists attack the World Trade Center in New York City, NY USA! 2005… The world is racked with tsunamis, hurricanes, earthquakes, tornados, bombings, and daily threats of future terrorist attacks. Emergency governments around the world adopted the Incident Command and Control System (ICS) as a response standard and NIMS to standardize response terminology.
RMLearningCenter.com After there was a quantum shift from proactively management risks to proactive planning to respond to any large scale community or country crisis! Rich Woldt Emergency governments around the world adopted the Incident Command and Control System (ICS) as a response standard and the National Incident Management System to standardize response terminology.
RMLearningCenter.com After there was a quantum shift from proactively management risks to proactive planning to respond to any large scale community or country crisis! Rich Woldt From all levels of government the order goes out to form effective first responder Public – to – Private partnerships. Critical industries are asked to set response protocols based on: –A–A 72 hours stand-alone performance standard, –R–Required housing-in-place performance standards, –R–Required upgrade in high-rise evacuation standards, –D–Demonstrated active community involvement in contingency planning with a focus on responding during a natural disaster, terrorist att
RMLearningCenter.com This is a what if exercise: We use what ifs much like we use worst case scenarios and reverse RM logic So if…
RMLearningCenter.com This is a what if exercise: We know the losses credit unions and the insurance industry experienced during Katrina, what if: All credit unions and members were identified by their zip or postal code? All victims had the following info stream on the left fore arm: (Zip code, name, age, medical disability, physical disability, destination land line number, personal cell phone #?
RMLearningCenter.com This is a what if exercise - continued All CUNA Mutual bond/insurance files could be sorted by zip/postal code? All CUNA Mutual employees could be sorted by zip/postal code? All credit unions and CU chapters could be sorted by zip/postal code? All CU members could be sorted by zip/postal code?
RMLearningCenter.com Could we not than better… Identify our bonded and insured exposures in harms way? Measure our potential claims based on exposure concentrations? Assemble and position response assets to include CUNA Mutual first responders? Track and indemnify victims, thereby reducing loss adjustment expenses (LAE) and CU extra expense?
RMLearningCenter.com Could we not than better… Customize RM workshops, presentations, on- site analysis, etc. to regional and local area risks s
RMLearningCenter.com Lets begin with… A Review of RM Fundamentals!
RMLearningCenter.com Risk Management fundamentals: Please define and explain the following: The three RM steps? The two types of risk? The five RM controls? The two ways you measure risk? At least three tools of transfer?
RMLearningCenter.com Very Good! Lets Review!
RMLearningCenter.com Risk Management A Method Of Management Our 2007 goal is to speed up the process! 1.Identify Currency & cash items 2.Measure Frequency & severity 3.Control
RMLearningCenter.com Pure Risks - only loss, never a gain Robbery & burglary Embezzlement Other forms of dishonesty Fire and disasters Speculative Risks – You hope to gain, but you can suffer a loss New products, programs, services and laws Two Types of Risks
RMLearningCenter.com 5 Risk Controls Use them in the following order! Avoid Reduce Spread Assume and Effectively Transfer to Someone Else –I–Insurance, Bonds, Hold Harmless Agreements
RMLearningCenter.com Risk Management fundamentals – continued.. Please define and explain the following: –Underwriter Laboratorys (UL) burglary resistant ratings and/or European equivalents, –UL fire resistant labels and/or equivalents, and –How to rate an unlabeled container!
RMLearningCenter.com Very Good! Lets Review!
RMLearningCenter.com The Evolution of Security Technology: Underwriter Laboratories Ratings – A Testing Standard Insurance Services Office ISO & The American Society of Industrial Security write Construction Standards Its Burglary Resistant NOT Burglary Proof! Money safes –TL-15 & E –TL-30 –TR-30 –TRTL-30 –TRTL-15x6 –TRTL-30x6 Currency vaults –5R –6R –10R –Type I, II, III –Modular –Class I, II, III
RMLearningCenter.com The Evolution of Security Technology: Underwriter Laboratories Ratings – A Testing Standard Insurance Services Office ISO & The American Society of Industrial Security write Construction Standards Its fire Resistant NOT fire Proof! UL Record Safes Class A, B, C, D hour hour hour UL Records Vaults 2 hour 4 hour 6 hour Doors should equal the fire resistance walls, ceiling & floor!
RMLearningCenter.com The Evolution of Security Technology: Automated Teller Machines A Story of Evolution from the 1920s Night Deposit Boxes –Fish and trap resistant chute –Dual locking container ATMs & High Velocity Cash Dispensers –Business hour –24 hour level #1 –24 hour level #2
RMLearningCenter.com Risk Management fundamentals – continued.. Please define and explain the following: Door, lock, window, hinge-pin, security, Object, perimeter, and area alarm security, Internal and external alarm line security, and On-demand, CCTV, and digital surveillance systems! Discuss installation, testing, and maintenance standards for each of the above:
RMLearningCenter.com Risk Management fundamentals – continued.. Please define and explain the following: Embezzlement and internal dishonesty, Scams and external fraud, Fictitious & unauthorized loans, Separation of duties, Reverse Tracing, Transaction authentication, Positive account verification, PIN & PAN controls
RMLearningCenter.com Risk Management fundamentals – continued.. Please define and explain the following: Cash flow analysis, Disaster recovery, vs. Contingency planning, vs. Continuity Management, vs. Event Management, Kiting, Lapping and withholding deposits, Cash letters & holders in due course, Mysterious disappearance, Spot-check verifications, etc…
RMLearningCenter.com Risk Management fundamentals – continued.. Please define and explain the following: Phishing, PHarming, Skimming & refreshing, Identity Theft, How to do a back-ground investigation, How to use the internet to do RM research, How to do a credit check, How to trace transactions back to source documents!
RMLearningCenter.com Risk Management fundamentals – continued.. Please define and explain the following: A contract of good faith, Deductibles, Actual cash value, Replacement costs, Extra expense, Negotiable security, Barer instrument, Exclusions and endorsements,
RMLearningCenter.com Risk Management fundamentals – continued.. Please define and explain the following: The three most important points to make when writing an RMA report, How to defend cash item storage recommendations, How to submit a memo to file or incident report, How to locate physical address for fire department and how to make emergency call,
RMLearningCenter.com Risk Management fundamentals – continued.. Please define and explain the following: The difference between a fire and a bomb threat evacuation, How to respond to an earthquake, tornado, anthrax scare, and bomb threat, How to handle an embezzlement suspect, and How to take command and control of any life threatening incident!
RMLearningCenter.com Risk Management fundamentals – continued.. Please define and explain the following: Duties of an Underwriter, Duties of a Claims Adjuster, Duties of an Actuary, Duties of an Account Representative, What do all the above have in common? Hint; They are all Risk M s!
RMLearningCenter.com Profile of the Credit Union Embezzler Suspicious life style Cant leave or relinquish control Tale wags the dog Overly religious Easily excited Works late and alone
RMLearningCenter.com Profile of the Credit Union Embezzler Full of Rationale & Justifications Im only borrowing, Others are doing it, Im underpaid and overworked, Thats all I did, Ill never do it again, Always has a need & looks for an opportunity. Knows he can escape or blame others. You didnt tell me I was doing wrong, Has a character disorder.
RMLearningCenter.com Profile of the Credit Union Embezzler Character disorder? We all have them, Cant tell right from wrong, Seldom admit theyre a thief. Who can your trust? Grandma – grew her CU with bogus accounts Reverend - sold CDs to family and farmers, Uncle - stole members money, home and wife – The dismembered member Are you guarding your inactive and dormant accounts?
RMLearningCenter.com Embezzlers are all On A Path Prison! Most starts small - Open cash drawer Common funds Withhold currency Lap deposits Kit using multiple accounts Manipulate family member accounts
RMLearningCenter.com Embezzlers are all On A Path Prison! Use dormant & inactive accounts Transfer funds to accounts they control Use expense accounts Hide funds in GL clearing accounts Collection department fraud Most find their way to your loan files Unauthorized loans Fictitious loans
RMLearningCenter.com Internal Controls Safeguard Your Reputation Dual controls –Night depository –Lost and found –Smart safes & combinations Rotate and separate duties Require extended vacations Never post to your own account!
RMLearningCenter.com Internal Controls Safeguard Your Reputation Passwords No one but you should know or have access to your passwords! Change it every 90 days! Train all Staff first day on the job! Supervisory override controls! Use and audit override printouts!
RMLearningCenter.com Forgery – Frauds – Scams & Your run of the mill con-artist! Forgery controls when face to face Beware of bogus ID Require signed, pictured ID and verify details Teach signature verification procedures Fraud controls over landlines and Cell Phones Caller ID systems Ask open ended questions Call back procedures Fax security procedures Good luck Call Backs
RMLearningCenter.com Plastic Cards Fraud controls and technology Card mailing procedures Card Activation programs PIN & PAN controls with member education Personal identification number and personal account number CVV & CVC set to decline –Visas Card Verification Value (CVV) – M/Cs Card Validation Code (CVC) All on-board - neural networks
RMLearningCenter.com Audit Controls These should be Required Supervisory Committee –Surprise cash counts –100% Member account verifications –New account verifications Board of Directors –Rotation & separation of duties –Cross training to catch a thief –Independent auditors report to the Board –Fraud policy – Use it – Review it – Sign it
RMLearningCenter.com The Fraud Policy Honesty & Accountability Sets tone from the top, Provides meeting of the minds, Defines whats not permitted, Gives grounds for discipline or dismissal, Saves legal costs, Protects reputations, Review it, update it and Sign it annually!
RMLearningCenter.com To Catch a Thief! These Should Be Required Credit Committee –Separation of duties –Loan officer minute controls –New loan verification procedures Loan Audits –Finger audits –Collection audits
RMLearningCenter.com Fidelity Self Analysis Its Purpose and Evolution Deters and detects embezzlers. Start with canceled checks. Follow transactions back to source documents. Use forgery detection skills. Leads to a more detailed audits. Driven by logic and fraud indicators. Focus on quickly finding fraud indicators Have written action plans in case you find fraud!
RMLearningCenter.com Your Crime Fighter Goal? Hold People Accountable for Their Actions Audit and Internal Controls protect -- *Strong employees from fraud opportunities, *Weak employees from temptation, & *Innocent employees from suspicion!
RMLearningCenter.com How Do You Handle Suspects? With Care and Compassion Never call them a crook! Notify Supervisory Committee! Focus on the facts! Consult authorities on how to proceed! Notify Bonding Company! Dealing with suspects: When, where and how!
RMLearningCenter.com Very Good! Lets Review!
RMLearningCenter.com Everyone wants your money! Common scams to get it: Phishing Lotteries & Sweepstakes Internet Auctions / e-Bay Telemarketing Nigerian Scams Plastic Card o Credit & debit cards o ATM cards
RMLearningCenter.com Phishing IT slang.. But it really does mean fishing for information. Account numbers at banks and credit unions Social security numbers Credit card account and security numbers Passwords Personal information; i.e. birthdates, parents names, affiliations, etc. Spam or pop-up messages & hyperlinks Appears to be from a legitimate business, online service or government agency. Links to genuine websites with legitimate pages; such as privacy policies or product information. 85% of all sent is SPAM – subsequently receive endless repetition of worthless text or pop-ups.
RMLearningCenter.com Phishing What to look for - Methods Deceptive subject lines Forged senders address Genuine looking content Disguised hyperlinks Web Site Methods Genuine looking content URL appears genuine Collection of information & use of forms Incorrect URL (not disguised) Pop up windows Trojans / worms / spyware How to protect yourself - Steps to protection NEVER provide ANY financial or personal information NEVER click on hyperlinks with s Use Anti-virus software Keep software updated (automatic upgrades) Dont open strange Look for https and padlock on the site Clean up Spyware & Adware Learn about Internet fraud Check you credit report Ask for help Methods Deceptive subject lines Forged senders address Genuine looking content Disguised hyperlinks Web Site Methods Genuine looking content URL appears genuine Collection of information & use of forms Incorrect URL (not disguised) Pop up windows Trojans / worms / spyware Steps to protection NEVER provide ANY financial or personal information NEVER click on hyperlinks with s Use Anti-virus software Keep software updated (automatic upgrades) Dont open strange Look for https and padlock on the site Clean up Spyware & Adware Learn about Internet fraud Check you credit report Ask for help
RMLearningCenter.com Plastic Cards Credit & debit cards ATM cards Do NOT give anyone your CARD Number or 3-digit Security (CVV2) Code PIN Memorize your PIN – Do NOT keep it with your card Do NOT keep it in you wallet or purse Do NOT give it to ANYONE – not even your family members CVV2 Security Code Card not present transactions Verified by VISA Be aware of your surroundings at ATMs Check the machine for unusual / suspicious things Shield the area when entering your PIN Be sure its well lit at night Do NOT give anyone your CARD Number or 3-digit Security (CVV2) Code
RMLearningCenter.com Lotteries & Sweepstakes Occurs when the victim pays money to someone in anticipation of receiving something of greater value. (Something too good to be true!!!) Lotteries Sweepstakes Found money Work at home (Advance Fee Scheme) How it happens: notification with instructions on your next step USPS mail, often accompanying a check or money order with instructions Send money for validation of prize Deposit check, then wire funds for taxes or other redemption costs
RMLearningCenter.com Lotteries & Sweepstakes (Advance Fee Scheme) Your credit union account Beginning balance: 2. Deposit it into your credit union account a. CU places a 7-day hold on the funds 3. 7 days pass and you withdraw $13,000 a. $10, is sent via Western Union to the instructed person and bank number b. $3, is spent by you on bills 2.Deposit $15,000 3.Withdrawal $13,000 $ $ 15, $ 2, One month later, the check is returned to the credit union as counterfeit 4.Returned $15,000 check - $12, Receive check in the mail for $15,000 And now you owe the credit union $12, and the thief got $10,000
RMLearningCenter.com Super Complete New twist: Rather than requiring tax payments in the e- mail, the recipient is referred to an attorney who may assess a fee before a certificate can be issued. A n o t h e r L o t t e r y W i n n e r ! ! ! Lotteries & Sweepstakes
Lotteries & Sweepstakes (How to avoid the scheme) If its too good to be true …. Its too good to be true!! Ask yourself: did I enter a lottery? did I sign up for a sweepstakes? especially in a foreign country !!! DONT Play – Foreign lotteries are ILLEGAL! Do NOT respond to them!!!! Legitimate sweepstakes do not request money from you for processing or taxes. Are there rules? If so, are they easily understood? Do they ask for your bank account number, SSAN or credit card number?
RMLearningCenter.com Internet Auctions / e-Bay Both buyers and sellers have been scammed through the use of e-Bay or other on line auctions. Buyers - Non – delivery of items purchased. Misrepresentation of value. Fee stacking. Black-market / counterfeit goods. Shill bidding. Sellers - Contact from buyers outside US. Counterfeit checks, money orders Check overpayments 3 rd party agents Act now pressure Use of Escrow accounts Second chance offers Use of Escrow accounts Disappearing item Demanding /contacts Offers to pay for shipment
RMLearningCenter.com Internet Auctions / e-Bay - Avoiding Fraud - Understand as much about how the auction works as possible. Find out the actions the website/company takes if a problem occurs. Carefully examine the feedback of the buyer or seller. Evaluate the shipping requests. Arrange for payments – be careful of escrow accounts. Know your legal obligations. Protect your identity and your funds. Do not give out your SSAN or DL to the seller. Protect your credit card security numbers.
RMLearningCenter.com Telemarketing - Red Flags - If the caller tells you that …… You must act now or the offer wont be good. Youve won a free gift, vacation or prize, but you have to pay for postage and handling. You must send money, give a credit card or credit union account number.. Or have a check be picked up by a courier. Keep this confidential. Theres no need to discuss this with your family or your family attorney or accountant. You cant afford to miss out on this opportunity. HANG UP
RMLearningCenter.com Telemarketing - Avoiding Fraud - Buy only from known, or familiar, companies. Get the sales persons name, business, phone #, address, and business license number BEFORE you purchase. Do NOT pay for services in advance. Dont pay anything for a free gift or prize. Federal law prohibits payments for taxes. When giving to a charity, always find out the percentage is paid for commissions & administration expenses; and how much goes to the actual charity. Never give personal or financial information over the phone. Dont be afraid to demand answers. Uncomfortable? … Just hang up!
RMLearningCenter.com Nigerian Scams Similar to an advance fee scheme; Nigerian letter fraud also includes: Impersonation, or false identification of sender. Offers opportunities to share in a percentage of millions of dollars. Self proclaimed government official, wealthy exiled family or business exec. Difficulty in transferring funds from their country to the US. Request to contact them for interest. You may be encouraged to travel overseas to complete the transaction. Requests for plain letterhead, credit union account information and phone/fax numbers. Subsequent requests for up-front money. Often accompanied by fraudulent documents bearing Nigerian letterhead and officials signatures.
RMLearningCenter.com Nigerian 419 Scams
RMLearningCenter.com Nigerian Scams 5 Rules for doing Business with Nigeria NEVER pay anything up front for ANY reason. NEVER extend credit for ANY reason. NEVER do ANYTHING until their check clears. NEVER expect ANY help from Nigeria. NEVER rely on US to bail you out! Why would ANYONE in Nigeria (or anywhere else in the world for that matter) contact YOU for assistance to transfer their money into the US? PLUS – one question ….
RMLearningCenter.com Some Statistics Source: Federal Trade Commission Wisconsin Top 5 Fraud Complaints for Wisconsin Consumers
RMLearningCenter.com Who to Contact U.S. Secret Service (www.secretservice.gov) Financial Crimes Division 950 H Street, N.W. Washington, D.C (202) U.S. Postal Inspection Service (www.USPS.com/postalinspectors)www.USPS POSTAL INSPECTION SERVICE 433 W HARRISON ST FL 6 CHICAGO IL Phone : Fax :
RMLearningCenter.com Who to Contact U.S. Treasury Dept (www.ustreas.gov) Bureau of Engraving and Printing 14th & C Streets, SW Washington, DC (202) Office of the Comptroller of the Currency (www.occ.treas.gov) Customer Assistance Group 1301 McKinney Street Suite 3450 Houston, TX FAX:
RMLearningCenter.com Who to Contact Federal Bureau of Investigation (www.fbi.gov) J. Edgar Hoover Building 935 Pennsylvania Avenue, NW Washington, D.C (202) Federal Trade Commission (www.ftc.gov)www.ftc.gov Consumer Response Center 600 Pennsylvania Ave., NW, H-130 Washington, D.C
RMLearningCenter.com Who to Contact Major Credit Bureaus: web request copy fraud unit Experianexperian.com(800) (888) Equifaxequifax.cm(800) (800) TransUniontransunion.com(800) (800)
RMLearningCenter.com Thank You Rich Woldt Risk Management 007
RMLearningCenter.com Risk Management fundamentals – continued.. Please define and explain the following: Physical security first –Doors, locks, safes, and vaults Alarm security –Object, area, perimeter - Line security Surveillance & Access Controls Discussion of installations, maintenance, and testing standards for 2007!
RMLearningCenter.com Risk Management Security Technology Evolving with the Movement! Credit Unions are driven to safeguard life, liberty and the pursuit of economic freedom. As member services evolved so have regulations, security management methods and subsequent security technology: NCUA Regulation #748 – Minimum Security Devices and Procedures NCUA Regulation #749 Off-site Record Reconstruction Program
RMLearningCenter.com Risk Management Methods New, more effective crime fighting methods! Facility Security Analysis: –Crime Prevention Through Environmental Design (CPTED) Defendable Zones –Security Integration Proprietary, Community, County, State & Federal, Chapters, Leagues, National Associations, etc. Controllable Crime Scenes, a trap that works! Casing puts you out in front!
RMLearningCenter.com Casing – Staying ahead of the crooks! Walk-the-walk and youll Talk-the-talk Crooks case targets to increase their probability of success. We case targets to solve crimes, correct security concerns, safeguard against the next crime, and increase the probability crooks will be caught, prosecuted, convicted, and sent to prison for a long, long time!
RMLearningCenter.com Combating terrorism, armed robbery & the fear of violence in the workplace! Defendable zones Hi-tech alarms and warning systems Digital surveillance Security system integration Best practices training GPS & Cellular Technology RMLearningCenter.com
2004 – There is a shift to – Proactive Risk Management The Evolution of International RM Projects Accountability and Ownership Training Alternatives –Self assessments, case studies and best practices! –Casing your own crime scenes! –Creating controllable crime scenes! Expanding to Community, County, Country and International Protocols! Pursuit through capture, prosecution, conviction and sentencing! RMLearningCenter.com
Revised Risk Management Principles, Current Methods and Updated Protocols 2004 and Beyond CPTED - Crime Prevention through Environmental Design Security Integration Security Application & Technology –Before, during and after disasters Community Response and Recovery –Emergency Response Protocols Law Enforcement – Blue Team Fire, EMT, Hospitals – Credit Unions & Corporate America – Red Team FEMA, Red Cross, Salvation Army, HAZMAT, etc. – Orange Team –Professional Associations and Support Groups ASIS, FCI, ACFEI, RMLC, chapters, Leagues, Associations, etc.
RMLearningCenter.com A Zoned response works best during a recovery operation. Its easier to inventory and protect recovery resources, and position personnel to support either a strike or mission based operation. Traffic flows in one end of the site and out the other to minimize congestion, accommodate supply lines, decontaminate personnel and assist victims through triage, tracking them through hospitals and full recovery. Ground Zero Demilitarized Zone Response and Recovery Zone Reconstruction Zone Response, Recovery & Command Center Zone Before Food Flows Out! After biological attack food and supplies flow in to critical incident command centers! Recovery personnel and resources flow in one end of the site and out the other!
RMLearningCenter.com Very Good! Lets Review!
RMLearningCenter.com Proactive Risk Management Methods, Strategies and Accountabilities Our goal is to harden criminal targets against criminal acts And creating controllable crime scenes to reduce internal and external losses!
RMLearningCenter.com Very Good! Lets Review!
RMLearningCenter.com Violence In The Work Place Credit Unions Combat Intimidation Policy & plans –Tone from the top –Communicated to all Set no tolerance zone Report & document Follow-up & document Train a response team –All department managers –Offers third party intervention
RMLearningCenter.com Threat Assessment Teams Document - Document - Document - Document - Document Listen to co-workers –Encourage reporting –Keep confidential & demonstrate action Investigate immediately Review the records Document events and action taken Report to the entire crisis management teamReport to the entire crisis management team Follow-up!
RMLearningCenter.com Family & Contingency planning – keeping in touch! Attackers divide and concur – Dont let them! Locate: –Tested contact numbers and verified schedules –Tested answering machine procedures –Sealed envelopes and updated itineraries –School contact numbers and class schedules –Neighbor names and contact numbers Lockdown & Link –Private security, law enforcement and 3 rd party intervention –Secured landlines, fax machines, internet addresses, etc. –EOC and Red Cross Tracking and intervention.
RMLearningCenter.com Experience has taught --- Knowing what to expect will put you in control Smart criminals offer little time! Buy time & theyll lose! Theyll be prepared to provide Proof of life –Demand Proof the hostage is unhurt and alive. Take control! Tell them -- –I must notify our auditor! Hell call the police! –I must involve others! I cant control what theyll do! –I have people in my office. What should I do? How? –Our policy requires me to tell my manager! –What should I tell him? Ask open ended questions and take notes: –Who, what, where, why and when
RMLearningCenter.com Continued: Hostage Survival – Take care of the family! Assign one person as their advocate. Keep the family fully informed. Contact their physicians, if health is a concern! Protect family members from the media and unwelcome visitors. Use media effectively.
RMLearningCenter.com Hostage Survival Steps in the right direction! Have a written extortion policy. Have a violence in the workplace team. Notify Others - according to policy and plan. Never go it alone. Contact Police and FBI! –Request a Detective and trained Hostage Negotiator. –Per plan, attempt to verify the person in fact has been kidnapped. Dont over-reacting (Bogus busy signals, a change in plans, etc.)
RMLearningCenter.com Continued: Hostage Survival – Make sure you following your plan! Limit knowledge to your critical incident management team! –Need to Know. –Gossip will endanger the hostage –Beware of an accomplice in the office. –Beware of Media leaks Arrange protection and care for victims immediate family. Determine payment guidelines for authorities. –The family decides to pay or not –The credit union should have a board approved extortion policy (kept confidential).
RMLearningCenter.com Continued: Hostage Survival – Whether youre the hostage or part of the recovery team – Take care of yourself! Rest when possible. Use professional negotiators (another voice). Avoid coffee & drink water! Exercise to keep alert. Accept – Youve done your best! Remember family and call them. –This is a time to come together and stick together –Time to build a Sense of Being in Control
RMLearningCenter.com Forensic Investigation – Give me the facts - only the facts Youre still in control when you get the call or receive the letter Expect him to say -- Were observing you! –Ask how? You only have a short time! –Ask how much? Well harm you and your family! –Ask how? Were holding someone you care about! –Ask who and where? You bring the money! –Ask what if I cant and ask for detailed instructions I want half a million dollars, now! –Ask how can I get that much?
RMLearningCenter.com Forensic Investigations: Assemble Pertinent Information! Current photographs in differing attire. Travel itineraries for past 30 days (Envelopes) Landline, cellular & pager numbers Health Records: Condition, required medications, allergies, distinguishing characteristics (tattoos, piercing, scars, etc.) Other contacts (family, friends, business Associates, recent visitors, tenants, landlord, neighbors, etc. Assess information hostage might provide: Financial & Other
RMLearningCenter.com Extortion Is your credit union ready? Extortion policy and plan –Involve law enforcement –Notify board of directors All upper management and board Envelopes - bigger every year Cellular phone - technology integration Locate, lock-down, and link Defensive driving, walking, and alert living
RMLearningCenter.com Executive Protection Safety, security and survival is a 24 hour effort! Identify and prioritize targets: –Kidnap, Extortion, Robbery, Stalking and Terrorist Identify and prioritize Motives –Attackers are driven by motive Money, currency, greenbacks and more money Confidential, top secret and proprietary information Anger, revenge, sexual attractions, opportunists Family & Contingency planning keep in touch Do you know where your family is? Do they know how to contact you?
RMLearningCenter.com Executive Protection Continued – Target Assessment When -Where & Why Are you running like a railroad? –Vary routes, times, persons and patterns –Be inconspicuous and unpredictable Have you been lured from your zone? –False alarms and home invasions Is your backup in place and ready to roll? –Callback procedures and action plans Have family contingency plans been rehearsed?
RMLearningCenter.com Executive ProtectionGetting Back On-board – Self Defense Learn to evaluate your surrounding and potential threats, early. –People waiting for the bus watch one direction. Drive with windows up, doors locked, keep your space, and know a bailout route. –Stop so you can see their back tires. –Drive 5-MPH faster than they can run. –Rear-end a squad car.
RMLearningCenter.com Executive Protection The Art of Self Defense Martial arts: –Learn from aficionados. –Learn how to use your fingers, elbows, legs, arms, teeth, and body weight as a weapon. –Invite a black belt to speak at your staff meetings.
RMLearningCenter.com Military Training Do you remember? Staggering troops during search and rescues? Move out alpha –Cover me bravo! Using the vertical & horizontal butt strokes? Your basic rear-strangle take down hold? Following through to submission?
RMLearningCenter.com Executive ProtectionGetting Back On-board Limit carry-on to what will fit under your feet. Select an aisle seat if you plan to fight, a window seat if you plan to hide. Select a seat near the cockpit if you plan to defend, and a seat near the back if you dont.
RMLearningCenter.com Executive ProtectionGetting Back On-board Identify your shield: –Computer, briefcase, backpack, jackets, blankets, pillows and cushions. Identify your weapons: –Hot coffee, anything you can throw, sharp objects, keys, your body is a weapon. Dont hesitate. –ACT and REACT until youre in control.
RMLearningCenter.com Very Good! Lets Review!
RMLearningCenter.com Has evolved from Disaster Recovery to Business Resumption to todays Contingency Planning! Disaster Recovery (1940s s) –(Influenced Civil Defense Programs) –1970s NCUA #749 & off-site storage of vital CU records Business Resumption (1980s – 1990s) –Earthquakes & The New Madred Fault warning, –Planning to survive a credit union disaster World trade center bombing 1993 Oklahoma city bombing 1995
RMLearningCenter.com Has been driven by worse case scenarios! 2000 – Y2K Contingency Planning 9/11/01 – terrorist strike the word trade center The 9/11 impact on Contingency Planning
RMLearningCenter.com Building the solid foundation for your future! Contingency Planning - Fundamentals: Building the solid foundation for your future! Set the tone from the top –Or youll be pushing a rope uphill! Select appropriate plan writers and alternates, –Or youll miss important details! Designate and train Recovery Teams: –Damage Assessment Team (DAT) –Disaster Recovery Team (DRT) Focus on Your Worst Case Scenarios Write plans that will help you survive, recover and grow! –RMLC faculty recommend the Parking Lot Approach
RMLearningCenter.com Contingency Planning – Four (4) key functions: Recovery often depends on your focus, immediate action and plans that outline proven response protocols! Life safety: First aid, evacuation, & tracking victims through recovery. Protect: Physical property from fire, vandalism, the elements, etc. Transportation: From danger to shelter, food, telephones and entertainment. Communications: Notifying friends, family and fellow employees. Includes proactively handling the media. I ts your shift to Critical Incident Management
RMLearningCenter.com A 3-Day program for stepping up to the plate! Continued - Shifts to proactive Risk Management A 3-Day program for stepping up to the plate! Day one – Shift from your Standard Management to Critical Incident Management mode! Immediately: Provide victim assistance, activate recovery teams, declare the disaster, establish communication links, set up EOC, ICC and staging areas and focus on taking control. Day two – Regroup, reevaluate, assemble facts and communicate facts via plan-approved channels. Begin the formal recovery process. Day three – Focus on getting back to work, and back to normal! Reach out to extended victims and set up a program to monitor the victim recovery process.
RMLearningCenter.com Chapter & Community Responses to Biological Attacks! Ground Zero Demilitarized Zone Response and Recovery Zone Reconstruction Zone Response, Recovery & Command Center Zone Before Food Flows Out! After biological attack food and supplies flow in to critical incident command centers!
RMLearningCenter.com Contingency Planning – The Parking Lot Approach! How to build the solid foundation your future depends on! Adopt a common methodology for all locations, –It helps cross training and rotating staff, and –Ensures a focus on critical services! Keep it simple, flexible, realistic and fun! –Include and request input form all employees –Use Bergees ABC & –Keep it confidential & secure! Schedule tests, updates, and Board approvals.
RMLearningCenter.com Questions Please Rich Woldt CPP, CFE CEO- The Risk Management Learning Center ACFEI – Level III Certified Homeland Security Instructor Licensed Private Detective
RMLearningCenter.com Thank You! Rich Woldt CPP, CFE CEO- The Risk Management Learning Center ACFEI – Level III Certified Homeland Security Instructor Licensed Private Detective