Financial Crime World

Bank’s Ailing Controls Allow Rogue Employee to Steal R740,000

A shocking case of fraud has come to light at a large retailer, where an EFT payment clerk was able to steal R740,000 using a simple password abuse technique.

The Fraudulent Activity

The employee, who had recently gone through a messy divorce and was struggling financially, realized he could use his supervisor’s password to authorize and release transactions. He made small talk with his supervisor while logging in, noting the password and then proceeded to test thresholds by making small payments to himself. As he grew bolder, the suspect loaded a duplicate vendor with his personal bank account on the vendor master database, allowing him to steal large sums of money over a period of one year.

The Importance of Strong Controls

The case highlights the importance of strong controls and segregation of duties within finance teams. “It’s not just about having good controls, it’s also about having people who are willing to enforce those controls,” says Steven Powell, a fraud expert at ENSafrica.

Modus Operandi Used by Chief Accountant

Another case study highlights the modus operandi used by a chief accountant who stole R2 million over a period of one year by amending vendor banking account details on the vendor master file. The suspect would substitute their own account with that of the vendor and then delete the profile once the illicit transaction was complete.

Red Flags of Fraudulent Behavior

Fraud red flags include:

  • Excessive lifestyle
  • Gambling, alcohol or drug problems
  • Staff who constantly claim underpaid
  • Close relationships with suppliers
  • Sole suppliers - not shopping around
  • Poor credit rating
  • Poor communication and reports
  • Indulging in affairs
  • Not taking leave
  • Refusal of promotion
  • Excessive & unexplained overtime
  • Criminal record

Divisional Red Flags

Divisional red flags include:

  • Too much trust placed in key employees
  • Limited segregation of duty
  • No independent checks on reconciliation and payments
  • No clear lines of authority or responsibility
  • Proper authorization procedures not enforced
  • Inadequate documentation & records
  • Infrequent independent reviews
  • Inadequate disclosure of interests & investments management

Conclusion

Fraud and corruption are significant risks in any organization. Prevention is better than cure, and promoting a strong ethics culture is key to preventing fraud. Regular control reviews and training employees to recognize the symptoms of fraudulent behavior can help prevent such cases from occurring.