12 SepThe Bankers’ Plumber on Banking: Poor Customer Process Control at Wells Fargo

Bad process with no happy ending. 5’300 sackings and $185mm in fines. That is what resulted at Wells Fargo last week in a series of events that even managed to surprise me. This is a tale of poor leadership and widespread, systemic wrongdoing, as well as bad process. I think it will pique your interest as much as it piqued mine.

This latest banking scandal is a retail banking one and has happened at Wells Fargo which has to date been renowned for its outperformance in the banking sector. In an attempt to be seen to meet sales targets, accounts of various different flavours were opened for existing customers without approval and unauthorised transactions made between the real approved accounts and the unauthorised quota-filling ones. What is staggering about this incident is quote how widespread it was: two million phony accounts and 5’300 staff were involved.

As it happens, I am busy with some client work on Data Quality (DQ) Assurance for customer data. Getting things right is not only a function of data quality; it is also a function of process quality, controls and staff training.  DQ has different levels of sophistication:

Level I   Checking for missing or erroneous data. Is the entry in the field non-blank or a plausible value?
Level II A more complex level is reviewing plausible data; was the new corporate banking account for Honda UK connected to the correct parent and hierarchy?
Level III Combined data. Do we have US taxpayer ID’s complete customer information for George Walker IV who is subject to FATCA because he is a US person?

Even in a well developed environment, I do not believe that any of the levels of control cited above would have caught the Wells Fargo problem. Something must be very wrong if over 5’000 employees did the wrong thing. The root cause of the problem is in my mind, the sales pressure and false incentives. On top of that there must have been failings in the process.

Firstly, either Wells Fargo had a robust procedure in place to ensure there was at least 4-eyes control over new accounts and that procedure was then not followed or the procedure was inadequate. If the customers did not authorise the account openings, there was no documentation, unless forging signatures was also part of the issue.  With 5’300 employees involved, my BS detector tells me this was case of inadequate procedure.

Secondly, central oversight of account opening and responsibility for ensuring customer hierarchies are correct and approved would appear to be missing. Customer hierarchy is important because it ensures any banks understands its aggregate exposures. Last week, there will have been a few banks sweating over the bankruptcy of Hanjin Shipping; did they have a clear picture of aggregate exposure? Though this is less of an issue in retail banking, where exposure is to a person, if there is a central control process, that is actually another defence against the kind of fraud Wells Fargo experienced.

Thirdly, my favourite control. Normal; do you understand what is normal for your business? Though I do not know how exactly the misdeeds manifested themselves, I would wonder if some clients had an unexpectedly high number of accounts. I have written elsewhere (see www.3CAdvisory.com/blog) on the tricky test of “Normal”. My voice of experience here says that if you are in a particular business, you know what is or is not normal in your back yard; who do you use as a broker, what is a very large payment? Whilst I do not know the exact statistics in this case, I would like to know if the account data for the misused accounts was in-line with the existing data for retail accounts. The cynic in me suspects that these relationship will have had more accounts than the norm.

Lessons learned: The execs at Wells Fargo committed some cardinal sins.

First, the sales pressure seems to have had some very undesirable consequences. Cheating and lying on a grand scale. Deceiving and negatively impacting customers for certain. Possibly even some forgery.

As luck would have it, the British government has already given thought to this type of issue. The Times of London today (Sept 12th 2016) ran a front page story: “Crackdown on white-collar crime: Employers face prosecution for failing to prevent corruption and fraud”. Whist in the case of Wells Fargo this might be case of shutting the barn door after the horse has bolted with an empty stagecoach, there needs to be greater incentives to really run business properly.

Secondly, controls matter. In this case, account opening must evidence a customer request. There must be a four eyes principal. A central control point will be an advisable structure in most circumstances.

Thirdly, Data Quality Assurance has to be a multilevel discipline. Data that is plausible but wrong or even fraudulent needs some clever controls. Probably nothing as clever as Machine Learning; in these types of cases, a solid understanding of what normal is will take Operations staff a long way.

Thanks for your support.

Any and all feedback is welcome, please like, comment and share liberally.

Previous Posts 

Are available on the 3C Advisory website, click here.

Publications

The Bankers’ Plumber’s Handbook

How to do Operations in an Investment Bank, or not! Includes many of the Blog Posts, with the benefit of context and detailed explanations of the issues. True stories about where things go wrong in the world of banking. Available in hard copy only.

Cash & Liquidity Management

An up to date view of the latest issues and how BCBS guidance that comes into force from Jan 1 2015 will affect this area of banking. Kindle and hard copy.

Hard Copy via Create Space: Click here

Amazon UK: Click here

Amazon US: Click Here