Crime blotter: Compliance and internal theft
It's perhaps always a good idea to remind folks that employees remain among the most serious threats to a company.
At times, given the headlines and media emphasis, we tend to think of security breaches and theft as a consequences of letting outsiders into the network. Most of the security spend, to be sure, is devoted to battening down the electronic hatches. But most companies would be wise not to forget to invest in programs designed to thwart inside jobs.
Recent examples abound. A Texas branch manager has pleaded guilty to stealing more than $2 million from customers over a decade. She faces up to 30 years in jail. The 40-year-old Bank of America branch employee apparently had full access to customers' bank accounts---a segregation issue. She was accused of fraudulently using customers' names and bank account numbers to fill out withdrawal slips to steak money. Fellow employees "did not question the legitimacy of the transactions because they trusted Cobb, who later admitted using the stolen money for personal expenses like vacations, clothing, jewelry and the purchase of land," according to FOX Business.
In Connecticut, an employee in the property services division of a local bank, Webster Bank, was able to work the system to send $5 million to two companies she allegedly set up with two different husbands. She reportedly told employees that the companies were "brokers" and therefore were exempt from due diligence or annual review.
To be sure, an employee bent on fraud will likely find ways to game the system. But it's the job of the company to make that as hard as possible. That has to rank as a priority.