The story of the termination of Maybank Singapore CFO KHALIJAH ISMAIL, when she negligently initiated a transfer of USD$985,000, on the request of individuals impersonating her bank's CEO and group CEO, included the fact that the impersonators used Zoom to perpetrate an attempt at a massive theft. I am reminded of the cases involving the bogus French minister, whose video calls came complete with a counterfeit government office in the background.
This case had a carload of red flags; the use of private, unknown telephone numbers by the fraudsters, disregarded by the victim, a story that the transfers involved a confidential bank acquisition the details of which could not be shared with other bank staff, and asking the CFO how much money the bank had available for the transfer. Notwithstanding the obvious flaws in the fraudsters' plan, the CFO ordered the funds transferred; the plot was foiled only when the receiving bank froze ir due to questions. Maybank was justified in terminating the CFO; she also failed to promptly report the fraud to internal risk management, and to the police, which is standard practice, even when no loss is sustained.
The bottom line, verify EVERYTHING coming from outside your institution, twice, document it, and make damn sure you are dealing with bona fide officers in any external transaction, lest you become unemployed like Ms. Ismail.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.