Bank robber, Willie Sutton is often credited as saying: “I rob banks because that’s where the money is.” Sutton stole as much as $2 million. Even with inflation, Edward Rostohar makes Willie Sutton look small-time, and Rostohar only robbed one bank.
Technically, it was a credit union, but we are talking about a lot of money, $40 million to be precise. Edward Rostohar is listed in news reports as alternately a manager or the CEO of CBS Employees Credit Union. The Justice Department press release lists him as a manager, but CEO seems more likely given the time and amounts involved here.
Rostohar also had special knowledge, prior to his job with CBS Employees Credit Union, Rostohar served as an examiner at the National Credit Union Administration (NCUA), a federal agency that regulates credit unions. What makes this fraud special is not the amount, but how long it lasted.
Rostohar began embezzling in 2000. He was finally caught in March 2019. Over almost 20 years Rostohar managed to steal $40 million. He used his position to make online payments to himself, sometimes forging the signature of another employee. He directed funds to shell companies he controlled and paid personal credit cards with credit union funds. Importantly, Rostohar used his experience as an examiner to hide his fraudulent transactions.
The money was spent on gambling, on failed business ventures designed to earn back the money, and on a lavish lifestyle including houses, private jet flights, and a $5k/week allowance for his wife. His business ventures included a coffee shop in Reno that seems to have used more cash than it generated.
Rostohar was caught when an employee stumbled upon a $35k check to Rostohar and with a little digging, found $3.8 paid to the CEO that year alone. Rostohar eventually pled guilty.
It gets worse. The credit union only had assets of about $21 million when the fraud was discovered and they’ve now been sued for $40 million. The losses generated by Rostohar were so bad that the credit union was forced to liquidate and be absorbed by another credit union.
In the interest of transparency, let’s acknowledge that sometimes prosecutors and news reporters get overzealous. Buried in the LA Times version is that Rostohar actually stole about $25 million, but given the length of this fraud, the interest on those funds would have pushed the cash available to the credit union to $40 million. Know that if you commit fraud, the size of it will be exaggerated, and not in your favor.
This was still garden variety payment fraud at the top. Payments were made to the fraudster or their designates. While steps were taken to hide the payments, a simple search of payments to the CEO ultimately uncovered the fraud. But when we look at the Association of Certified Fraud Examiners’ annual report to the nations and see that the average fraud lasts 12 months, realize that this fraud lasted 20 times that.
Twenty years is a long time and $40 million is a lot of money, all from a small credit union outside of LA.