Skip to main content

Counter Fraud

The fight against fraud is an essential part of financial crime management in the RBI Group. Our anti-fraud efforts have two main goals: To minimize the RBI Group’s fraud losses and to protect our customers from fraud. In each of our network banks, we have dedicated, experienced specialists who lead and coordinate the prevention, detection, and investigation of fraud. At the core of our anti-fraud strategy is efficient and effective fraud prevention.

What can you do to protect yourself from banking fraud?

The biggest fraud risk facing banking customers today is payment fraud. Although electronic banking is more secure than traditional, paper-based payment channels, customers of every bank are targeted by fraudsters from time to time. The security of our customer’s payments is of utmost importance to RBI AG. 

Therefore we apply a multi-layered strategy of customer awareness, system security, and transaction monitoring in order to protect our customers from fraud.In order to successfully combat payment fraud, banking customers must do their part as well. It is very important to recognize the most common fraud schemes and take steps to avoid becoming victims.


Unauthorized fraud

Unauthorized fraud means that fraudsters try to obtain the legitimate user’s login credentials in order to gain unauthorized access to the user’s bank account. The perpetrators then try to send payments to other accounts, often in other countries, to which they have access (mule accounts).

Authorized fraud

In an authorized fraud scheme, fraudsters use various social engineering methods to manipulate people into sending them money. Two of the most common authorized fraud schemes against corporates are 'payment redirection' (also called 'business email compromise') and 'CEO fraud'.

CEO Fraud

Also known as "Fake President Fraud" or "Business E-mail Compromise". It is a fraud scheme with a pronounced psychological element. The fraudsters pretend to be the CEO, CFO or a third party (e.g. business partner, consultant, solicitor, etc.) of the company.

Warning signs

  • the "attack" usually occurs on a Friday
  • large number of phone calls/e-mails in a short period
  • high (time) pressure put on the employees
  • high psychological pressure: secrecy, importance
  • and urgency (e.g. strategic investment)
  • publicly available information are misused

Attention:  Once the money has been transferred, it might be distributed to several other bank accounts, and it will be withdrawn by the fraudsters within the same business day.

How does it work?

  1.  "real" CEO is absent (e.g. business trip/holidays)
  2. Alleged CEO (= fraudster) contacts (from manipulated e-mail address!) the target person and requests an urgent transaction under strict secrecy. Furthermore a confirmation by a third person is announced.
  3. Solicitor/business partner/consultant (= fraudster) also contacts the target person and verifies the previously announced transaction.
  4. Typical victims are employees from treasury/accounting/payments.

Tips to protect yourself

  • Question transactions to unknown/new accounts with untypical country codes for your company
  • Do not get unsettled and stick to the usual processes (e.g. four-eyes-principle)
  • Stay calm and question the trustworthiness and plausibility of the statement/information/e-mail
  • Get in contact with the CEO under the known and registered phone number and get a confirmation for the process
  • (also during the holidays!). Eventually pre-agree an emergency password!
  • Check the e-mail address/header for irregularities (e.g. firstname.secondname vs. firstname_secondname)
  • Attention: spam filters do usually not protect!

For questions/suspicions please contact your Relationship Manager or RBI Group Financial Crime Management.We are pleased to check and validate your suspicion quickly.

Payment redirection fraud

This phenomenon is also known as "Mandate Fraud", "Creditor Fraud" or "Supplier Account Takeover Fraud". It subsumes the change of account details of supplier or customer accounts in combination with debit notes or standing orders, manipulation of credit card activities, or changing employee’s salary account details, particularly when a bonus is due.

Warning signals

  • any unexpected requests to change or update payment details of a regular supplier
  • irrespective of telephone, e-mail, letter, or fax, if your company is contacted ‘out of the blue’ to amend payment details always treat this as a potential warning signal.
  • if the person on the phone is aggressive and puts heavy (time) pressure on you

Attention: Changing bank accounts is an unusual process and therefore any request to update records should be treated with suspicion. Changes should be authorised only at senior level.

How does it work?

  1. Regular payments from Company X to its business partner (e.g. supplier) Company Y.
  2. The fraudster contacts the target company X via phone/e-mail/letter, claiming to be a representative of Company Y (e-mails are often sent from the hacked account of the genuine supplier!). The fraudster informs Company X about a change in the account number of Company Y.
  3. Employee of Company X updates the account number in the supplier database.
  4. From this point every single payment sent by Company X and meant to pay the genuine supplier ends up on the fraudster’s account.

Tips to protect yourself

  • Treat any notification to change details of a supplier’s bank account as a high risk activity.
  • Always verify a request BEFORE implementing the change or completing the payment. Be mindful not to use the contact details provided on the instruction, use established contact details to validate the change instead. (For example, if the update was received by e-mail, verify it via phone or fax, using a previously known number.)
  • Reconcile accounts on a daily basis in order to identify potential fraud payments quickly.
  • Never leave invoices unattended in the office or on your desk.
  • Whenever possible establish at least two specific points of contact with suppliers to whom regular payments are made so that all invoice issues can be raised and confirmed with them.

For questions/suspicions please contact your Relationship Manager or RBI Group Financial Crime Management.We are pleased to check and validate your suspicion quickly.

Get in touch

RBI Group Financial Crime Management