Courtesy of Dark Reading, Information Week has the goods this week on just the story you don’t want to be in – a case study of some serious breakdowns in oversight at Citigroup. According to FINRA, a sales assistant at Citigroup managed to steal nearly $750k from 22 customers. Over eight years.
Adding insult to the injury of an employee who’s stealing from your customer base? A $500k fine for the company for failing to detect the fraud.
Reading the details doesn’t make the case any better. Apparently, the thief was able to continue a pattern of theft despite exception reports raising flags about new accounts she managed – and similar red flags on suspicious cross-account transfers she conducted.
We’ve said it before, and we’ll say it again. All the controls in the world don’t – can’t – do much good unless they are accompanied by capabilities for addressing exceptions. That’s why we’re such fans (okay, and innovators) of Continuous Controls Monitoring solutions, which let businesses address and mitigate exceptions within a closed-loop system. It’s much more than an acronym – it’s a way to go from identifying risks to fixing them before they cost you and your customers.

Nowadays CCM is much needed, especially in risky areas, so that big surprises are to some extent prevented through continuous control enhancements. From experience it is faster and sometimes more effective than a periodic audit. It is a routine program of applying certain tools of checking to ensure compliance with the organisation's internal control framework.