What happened to CAATS?

While the news item like this are not so common, but as a matter of fact, despite a decade+ awareness and regulation, banks still failing to understand the severity of information security and concept of having a robust online control systems.

In this case, a proper system of CAATS would have prevented the entire problem.

‘Computer-assisted audit techniques (CAATs) or computer-assisted audit tools and techniques (CAATTs) is a growing field within the audit profession. CAATs is the practice of using computers to automate the audit processes.

In Audit profession, such online audit techniques are used to detect suspicious trends/patterns to avoide a bigger fraud at a later date. If the bank has deployed an appropriate audit tool, the questions remain –

  • Why the sudden jump in unusual transactions through few accounts?
  • Why multiple transactions within a day happening?
  • how the exchange rate is allwoed to be fictitious at 0.0001 and the system did not through an error?

It is alleged that the ‘black money’ was transferred out to Hong Kong

The Enforcement Directorate, the Central Bureau of Investigation and the Serious Fraud Investigation Office have launched a joint probe into allegations that Rs.6,172 crore in black money was transferred out to Hong Kong through newly opened current accounts at a Bank of Baroda branch in Delhi last year.

The matter came to light last month during the bank’s internal audit which revealed that in one year, the foreign exchange business had shot up from Rs.45 crore in 2013-14 to Rs.21,529 crore in 2014-15.

The amount was deposited in cash, at times through multiple entries a day.

Records fudged

The bank authorities reported the irregularities to the Finance Ministry soon after the irregularities were detected. An internal inquiry revealed that records were fudged to evade detection. Entries were made showing dollar-rupee exchange rate as Rs.0.0001 instead of the then prevailing rate of Rs.60 per dollar. Besides, all remittances were kept below $1,00,000. Read more

When a Security Policy Creates More Problems Than It Solves

The purpose of an information security policy is to set everyone’s expectations by outlining what’s being done or what should be done to protect systems and information within the business. Policies are a convenient solution to today’s security ailments. Or are they?

Read more…..