An eye witness of a bank fraud; how it occurred

For that particular day, the Head of Faculty had invited Summit Consulting Ltd as the facilitators. The theme was ‘digital evidence, perspectives from a forensics investigator.’ All the students were anxious to know about digital forensics. The attention of the audience during the presentation clearly demonstrated that the topic was timely. This marked the beginning of our new life outside university.

Time to face reality had come. Lucky enough, I got an opportunity as an intern at a bank. This was my dream come true despite not having been hired on permanent basis. I was posted to the I.T department. My work was simple; monitor all transactions in the core banking application database.

The head of I.T department, Mr Xavier was a welcoming person. He took me briefly through the process. This gave me a clear understanding of my responsibilities.

At the time of my joining, the bank was upgrading its IT platform to accommodate for mobile money services. I was appointed on the team to champion the project. With help from Xavier, my login account was created to access the back end administration of the database. However, my access was limited. Xavier was the super end administrator. For those of you who know these terms, you get the point. Mr.Xavier had no access limitation.

Within a week’s time, we were done with phase one of the project; setting up test bank accounts. The branch manager was amused by the great work done within such a small time period. “I expected this phase to take you more than two weeks. How did you manage to complete this task so fast like this?” inquired the branch manager. “My team has been working extra ordinarily hard,” replied Xavier.

Our next phase was posting transactions onto the test account bank accounts. We posted small transactions of Ugx200,000 or less by mobile money. We finally integrated our banking services with those of mobile money. This was great experience.

As we came nearer to project completion, small complaints started emerging about missing money from the bank. As the saying ‘there is no smoke without fire’, something was wrong. During the test accounts, I noticed something unusual.

How it all started

A week before the end of the project, the branch manager organised a dinner in appreciation of the good work done. That evening Mr. Xavier jokingly told the team that he would like to travel to Dubai for a holiday after this huge assignment. We all laughed and looked at him. “People don’t think this is a joke. Why are you laughing? You mean I can’t afford to have a holiday in Dubai? I am serious. I promised this to my family,” shouted Xavier as the team continued to make fun of him. We quit the place and returned back home.

The next day, as I was crosschecking through transactions for the previous day, there was an account created that had been credited with Ugx40m. I did not take it serious.

For banks majorly targeting Small and Medium Enterprises (SME) market segment, it is a rare case to have such a huge transaction. Bank statements of most clients treated as ‘corporates’ only had deposits of between Ugx10m to Ugx20m. Such windfall transactions only happened in the months of July, August, and September when farmers sold off their tobacco and received the payments through the bank.

My curiosity took the better of me and I decided to dig up any documentation supporting this transaction. Unfortunately the records from the bank did not have any information regarding this transaction. That is when I suspected something was wrong.

The audit

At the time of auditing, it was discovered that the bank had lost Ugx60m in unclear circumstances. There were no records to trace the lost money. All cash handling staff especially the bank tellers were tasked to explain how this money disappeared.  But not much headway was made until the management decided to sanction a forensics investigation.

The final blow

Banks usually maintain suspense accounts to mainly handle money from dormant accounts and failed transactions. These accounts are reconciled at the end of the financial year to avoid instances of abuse. Any unreconciled revenues sitting on this account at the end of each financial year, is treated as a profit. Mr. Xavier’s luck ran out here. He  had created accounts for all his six family members. He then wrote a java script that automatically deposited Ugx 20,000 from the suspense account onto his family’s accounts.

The money started reducing significantly from the suspense account. The branch manager was called to a disciplinary hearing. This probed the bank to seek for a forensic investigation. However, all the audits done did not deliver any positive results.

A team of experts was called in to intervene. Following three days of extensive data extraction, the experts noticed that all the money was wired from the suspense account to various individual accounts. Withdrawals were made at different branches. All the evidence pinned Xavier. He was swiftly convicted and  sentenced to 15 years in jail thus putting a halt to his illustrious  career.

The learning points

Banks are wonderful places to work in. There’s a wealth of knowledge and diversity. However, this environment also breeds fraud and one is advised to be super normally alert to notice any thing suspicious.

A good rule of thumb is to never trust anybody. Question any procedure, transaction and even commands from the superiors.

This will help keep your reputation intact and a rewarding career will be enjoyed.

March 20th, 2018 | by

Leave a Reply

Warning: fopen(): php_network_getaddresses: getaddrinfo failed: Name or service not known in /home/customer/www/ on line 1026

Warning: fopen( failed to open stream: php_network_getaddresses: getaddrinfo failed: Name or service not known in /home/customer/www/ on line 1026
can't open the file.