December, 2014

In this Issue:
   Coin Counting Machines
   by Barry Thompson
Many financial institutions are now placing coin counting machines in the lobby for account holders. Train your staff to watch people using the coin counter as they would someone at the check writer desk. Using the coin counter gives a potential robber a great location to observe the layout of your banking office while going unnoticed by staff.
'Tis the Season...for Scams!
As the holiday shopping season begins, the FBI is warning shoppers to beware of cyber criminals and their aggressive and creative ways to steal money and personal information. Scammers use many techniques to defraud consumers by offering too-good-to-be-true deals via phishing emails advertising brand name merchandise, quick money making offers, or gift cards as an incentive to purchase a product. Remind your customers that if the deal looks too good to be true, it probably is, and to never provide their personal information to an unknown party or untrusted website. The FBI's Internet Crime Complaint Center (IC3) has the full alert.

Training Programs

Branch Audits: What is Going on Out There?
December 10
by Patricia Cashman
You set rules and boundaries for your children. Then they go off to college and chuck all of those restrictions out the door before they even get out of the driveway. Is this the way you feel about your branches? There are well-defined policies and procedures that are designed to assure assets are adequately safeguarded, transactions are properly documented and processed, and branch records are adequately maintained. But you have a suspicion that these policies and procedures have been amended or even disregarded by the branches. Fortunately, there is a way to determine whether your branches are compliant with the vision and rules set out by the parent financial institution - a well-crafted and executed branch audit!
FFIEC Cybersecurity Initiatives and Observations from the 2014 Assessments
January 6
by Susan Orr

Recent FFIEC releases have reemphasized bank regulators' concerns over cybersecurity and increasing risks of significant attacks on financial institutions to compromise the wealth of customer personal financial data they hold. In this two-hour presentation, Susan Orr analyzes the most recent FFIEC cybersecurity release to help financial institutions understand their federal regulators expect to see in the institutions' information security programs.

Welcome to the December issue of Security Spotlight
In this month's Security Spotlight, it's the most wonderful time of the year for bank robberies, identity theft, fake checks and seasonal scams! As Barry Thompson points out, some mischievous elves may use branch services for reasons other than intended. Give the gift of training on observation this holiday season!

A Robber's Reprieve and a Robber on the Run
The robbery that wasn't - In September 2012, Jorge Luis Oliveiros Ortega, then 22, entered a bank in Toronto, Canada, walked up to the teller window, spoke to someone on his cell phone, and then handed the teller a note, which read "This is a robbery, give me the money, my mother is sick." When the teller hesitated, Ortega said "Give me the money," and the teller handed him $600 in cash. He asked for more, but the teller refused. At his request, she put the cash in an envelope and Ortega left. He was later apprehended and charged with bank robbery. Not only was Ortega found "not guilty" of bank robbery, but the judge in the case ruled that there was no bank robbery. Justice Gary Trotter pointed out that the words "robbery" and "robbed" can take on different meetings in different situations, such as when the term "robbed" is used to describe a grave misfortune. The Canadian criminal code defines robbery as "Every one commits robbery who steals, and for the purpose of extorting whatever is stolen or to prevent or overcome resistance to the stealing, uses violence or threats of violence to a person or property." Threats, explicit or implied, must involve a "reasonable apprehension of physical harm." The teller in this case testified that she felt sorry for Ortega because he was young and his mother was sick, and that she felt no fear for herself or anyone else. Finding that the teller had a "thick skin," the judge ruled that "while others might have reasonably been frightened, she did not experience any fear at all"...hence, there was no robbery.

BOLO for a bully - Nobody likes a bully. An aggressive bank robber who threatens to hurt employees, speaks rudely to them, and pushes customers out of the way is wanted by the FBI in connection with multiple heists. Dubbed the "Bully Bandit," the minacious suspect has displayed a weapon on at least one occasion. He is a suspect in four bank robberies in late 2012 (one bank twice) and seven robberies between January and May 2013 (hitting two banks twice). After a year-and-a-half hiatus, the thief has robbed four banks in the Chicago area since October 11th, the latest at Bank of America in Riverside on November 13th. Wearing a dark hooded Chicago Bears sweatshirt in that heist, the bully is a Hispanic man in his late 20s or early 30s, approximately 5'7"-5'8" tall, with a medium build, black hair and brown eyes, with four gold-capped lower front teeth. He usually dons a scarf or dust mask to hide the lower half of his face. The FBI is offering a $17,500 reward for information leading to the identification and arrest of the Bully Bandit.

Check our Bank Robbery page for photos and information on the latest robbery suspects. There are 39 unknown bank bandits featured in our suspects gallery for November.

Most of these bandits concealed their identities with hoods, sunglasses or other coverings...or Santa garb this time of year. Enforcing a no hats, hoods and sunglasses policy can help reduce the number of bandits who target your bank. Purchase No Hat Cling signs for all of your branches from the Banker Store.

Santa is coming to town...

Bad Santa comes to town - As we gear up for the holiday season, Santa is doing the same. But not all of Santa helpers are good little elves; some rob banks. Bad Santa arrived in Solana Beach, CA. A man with a fake beard (not a white one) wearing a bright red Santa cap and sunglasses brandished a handgun when he robbed a Chase bank. Instead of a sleigh, he flew off on a bicycle, and is considered armed and dangerous.

Do you have, or have you discussed, a "no hats, no hoodies, no sun glasses" policy lately? During the Halloween season, itís easy to tell a fun-loving costumed customer to remove their mask. But have you considered how you will handle the seasonal slew of Santas?

Bad Santa, the Prequel - The bad Santa in our first story is far from unique. Flash back to December 23, 2013, to what may be a familiar story of a SunTrust bank in Florida that was robbed by a man wearing a Santa cap, wig, beard and sunglasses, carrying a package he claimed was a bomb. The bearded bandit took his stolen loot and left the fake bomb behind – a flashlight and lava rocks (gift wrapped). Police were able to trace the Disney wrapping paper back to a local Walmart store, which led them to Mark London. London pleaded no contest to the robbery in July and was recently sentenced to 8 years in prison.

Get a getaway description - Our Facebook blog this month (below) is a reminder that everyone in the area of a bank robbery can be in danger. In that case, someone was unfortunately shot trying to get the description of the getaway car. Thankfully, that wasnít the case when a Fifth Third Bank was robbed in Charlotte, NC. The descriptions provided by witnesses helped police locate the suspects' vehicle. During an attempted traffic stop, the getaway car with the two robbers inside crashed. The driver, Darius Marshall, was apprehended when he attempted to flee from the scene, and his female accomplice Keia Garnett was found walking nearby. Good descriptions were vital in the quick apprehension of these suspects.

A team effort - Capturing bank robbers involves a team effort. Getting a description of the suspect immediately after the event is the first step, beginning with bank employees, customers and other witnesses, as well as surveillance images captured in the area. When a bank is robbed by a "team" of bandits, it can be especially traumatic. In Hopewell, VA. a Wells Fargo branch was robbed by four men, three of them in the bank while the fourth drove the getaway car. One of the suspects inside fired a shot into the ceiling. Again, in this case, a witness provided police with a good description of the car, which they were able to locate and attempted to stop. The suspects abandoned the stopped vehicle and attempted to flee to a wooded area, but all four men were captured and arrested.

Especially during the busy holiday season, it's a good time to train employees on how to safely get a good description of the people, weapons and getaway vehicles involved in an incident, as well as other details that could be useful.

Hot Topics from the Bankers' Threads
The publicly accessible threads for Security have been very quiet for the last couple of months as the discussions have been more confidential and appropriately discussed in the Private forums. But there was actually one thread that ran through November 8th where one banker was interested in the duties of the security officer and this naturally gravitates also to how big is the bank. This is a good use of the public threads so long as the talk isnít too specific. Read more and weigh in on this topic with your comments. More of the discussions, for risk management and confidentiality reasons, has moved to the private area where we have a forum for bankers only on security topics, and another that allows law enforcement and regulators access.

The "private" security forum is where security officers were discussing handling Google glasses Ė the threat and handling the issue with a policy, CTRs, relocating safe deposit boxes, cash in a teller drawer and cash dispensing machines, and more!

To comment in Bankers' Threads you must be a registered user. You can register here. If using your bank email account, you will be given access to the private forums. The Private area is a group of forums under the heading "Private - Financial Institution Personnel Only." The Private forums do not include access to Bankers Hotline or Compliance Action, premium content areas that require paid subscriptions to those respective publications.

If you are already registered for the Threads, but don't yet have access to the private forums, using your bank email address send a request for access to Please verify that you do not yet have Private access. Once your registration request is approved, you can access the Private Security forum here.

Informative and Useful Intel
In one of November's earliest CrimeDex alerts, New York City detectives sought help identifying an identity theft and grand larceny suspect. The clarity of the store surveillance image was incredibly good, and should result in a successful identification. Good quality images were also seen in a Philadelphia-area fraudulent credit card cash advance alert posted by the Secret Service and Citizens Bank. By way of contrast, surveillance photos seen in fraudulent new accounts alerts from two AT&T wireless stores, where you might expect to find high-tech equipment, were taken from high ceiling-mounted cameras, making identification more challenging. Those few alerts were prime demonstrations of effective and ineffective camera placement that can mean the difference between speedy and delayed suspect identification.

Our Community Credit Union (OCCU), located in Washington state, posted an alert that counterfeit cashier's checks purporting to be issued by OCCU, but with a Michigan address, had been deposited at a Chase Bank branch in Brooklyn, NY. The Fauquier Bank (Virginia), reported that counterfeit cashier's checks purportedly drawn on the bank are in nationwide circulation as part of an internet "mystery shopper" scam.

There's nothing to indicate that fraudsters and other criminals are slowing down in their attempts to make a fast buck at the expense of consumers or businesses. BOL CrimeDex subscribers get early notice of developing fraud trends, as well as warnings about criminal elements that could attempt to attempt to take advantage of lax security, unaware tellers or gullible customers. As this month's alerts have proven, they may also get tangible demonstrations of how improved surveillance equipment and placement can improve the chances of identifying criminals and bringing them to justice.

CrimeDex is now FREE to registered members of the Bankers' Threads
Private Security Forum! Get the details and subscribe now!

Throughout the month, we share news related incidents on our Facebook page that can be informative examples for training employees on security issues and more.

While we are thankful that November was a slower month than October for Facebook activity, our single post on November 26th does not bring good tidings for those involved. A bank robbery in Omaha, NE is a reminder that bank robbers are not sole practitioners and are often involved in one or more other crimes. In an unusual chain of events, a by-stander who was trying to get a license plate number of the getaway car was shot, more shots were fired when police arrived on scene to investigate, neighborhoods were placed on lockdown, and eleven people were arrested. Get the details on this story, and keep up with other informative topics throughout the month, on our BOL Facebook page. Be sure to "like" the articles so we can continue to post more articles of interest to you!

Subscribe to the monthly
Security Spotlight!

Access archived issues of the Security Spotlight
on BankersOnline's Security Spotlight Archive page.