Wachovia Corp. has been updating its systems to spot employee fraud, and it is working just as hard to ensure that the perpetrators are convicted.
“Consumer and business information has become a criminal commodity,” Brian McGinley, the Charlotte company’s loss management director, said in an interview this week. “Information has become a currency.”
Observers say that the proliferation of online markets has made it easier for bank employees to sell account data and is making such crimes more tempting.
Such insider thefts tend to be small compared with those that often stem from organized crime and generally focus on easier targets, such as merchants. Still, even small thefts will add up if left unchecked, Mr. McGinley said. “Uninterrupted, an employee will continue to steal over time.”
For the past eight years Wachovia has bought various tools to monitor and document employee behavior and to spot and evaluate any criminal activity. Last spring it began testing software from the Concord, Mass., vendor Memento Inc. to help analyze the data it collects.
The software implementation is only in “quasi-production” now, Mr. McGinley said. Though he would not share detailed results, he said that the added computational power helped reduce a days-long investigative process to minutes.
This time reduction is important, he said. “It’s similar to a detection of cancer” — the earlier it is found and removed, the healthier the rest of the company can be.
Though the software has not been fully rolled out, it has already paid for itself, Mr. McGinley said, though he would not say how much it cost.
In addition, Wachovia is working to make sure any incidents it discovers can be prosecuted, he said. “You need to be the squeaky wheel. You need to sell this case to law enforcement.” Wachovia has worked to build relationships with law enforcement agencies and provide enough evidence to build a strong case against the employees it catches.
Fighting fraud is not just about the money, Mr. McGinley said; it is also a branding and ethical issue.
“It’s an issue because it’s the right thing to do,” he said. “At Wachovia, our brand is customer service, and part of that customer service is trust.”
Though he would not discuss specific incidents at Wachovia, employee fraud cases at other companies have made headlines in the past year.
Last summer Fidelity National Information Services Inc. of Jacksonville, Fla., disclosed the breach of 8.5 million account records and blamed it on a database administrator, who later admitted to selling the information to a data broker, which then sold it to marketing companies.
A Fidelity spokeswoman would not make an executive available for an interview.
Insider fraud is a sensitive topic for many banking companies. Several, including JPMorgan Chase & Co., U.S. Bancorp, and Synovus Financial Corp., would not discuss it for this article.
Avivah Litan, a vice president and research director at the Stamford, Conn., market research company Gartner Inc., said that employee fraud can be particularly damaging because, unlike hackers from outside, employees “know what they’re doing.”
And the potential benefits for the fraudster can be substantial, she said. “There’s a huge black market for customer account data, and bank accounts sell for the most money.”
Many types of insider fraud are hard to spot, such as tellers refunding bank fees into their own accounts instead of customers’. “That’s very hard to detect if you’re not looking at it,” she said. “A lot of this is petty fraud that adds up to hundreds of thousands of dollars, and banks don’t want to talk about it.”
