kerviel was able to conceal trading of $116.8 billion in fictitious accounts — and get away without any alarms being raised because of his deep knowledge of the working of the bank’s systems.
This happened despite the fact that the bank had installed all the relevant alarms and firewall software to capture unusual trading patterns. It had 2,000 people in the compliance department.
What has happened at Societe Generale raises questions about the safety of banking procedures. Some critics are also debating the overdependence on computer-based banking systems.
Now, investigations are on and Kerviel is being interrogated. But some basic questions do arise about how such a fraud could go unnoticed for such a long time.
Most top banks have been at the forefront in implementing the Basel 2 norms, which are meant to cover operational risks in banking. That a single employee with his knowledge of the system and with a few passwords, which should not have been with him, could get away with a fraud of this magnitude suggests two things—either he was an expert at hacking and breaking into the passwords of his colleagues, or his colleagues colluded with him and provided their passwords.
Banks have gone online with a vengeance in the past 10 years. They use more computer infrastructure and functions to manage operations as well as their back-office functions and compliance. Efficiency has vastly improved, both across the world and in India.
But the wrong sort of people are increasingly using online banking to pull off cyber frauds. Many incidents of cyber crimes and cyber attacks go unreported because banks fear they will lose face — and goodwill.