13 comments

[ 3.9 ms ] story [ 29.4 ms ] thread
One of the more surprising things I've discovered as I've worked more closely with our QA guys is how little auditing goes on, especially when everything seems to be doing well.

But I work in the relatively non-essential world of analytics. I can't imagine that the world of finance is so lightly examined. But I guess 2007 showed us that it really is lightly audited in some aspects.

Really, I think some of the difficulty is in the complexity of our financial system. I'd argue it's similar to how no single person fully understands how a modern OS runs on an x86 chip - usually it works, but there are issues hiding in the shadows. Sometimes one of those CPU errata comes and bites you and the system crashes. Other times there is a stack overflow - something that obviously shouldn't have happened except the code auditing guys didn't do their jobs.

(comment deleted)
> how little auditing goes on

Companies see Risk Desks, QA, etc. as 'cost centers', and try to keep these budgets down.

Risk adjusted, they are massive profit centers. In addition to the actual $$ they save in fines, and stock price losses, the damage to the brand is often in the billions. But it is hard to measure the impact of events that do not occur.

Inconceivable.
Really? I would be confident in saying "Predictable". And obviously I'm not condoning it, in case it needs to be stated.
How in the world can 5000+ people be "rogue employees"?
> How in the world can 5000+ people be "rogue employees"?

Well they have 265,200 employees, so I can see 1%-2% of people maybe trying to make a quick buck. You probably know at least 100 people. Can't you think of at least two of them that would get up to some shady shit for a buck, given the opportunity?

Out of those 262,500, how many would be in consumer-facing sales jobs where an opportunity to run these scams existed? One should look at 5,000 as a percentage of /that/ number.
Easy. Calling them anything else would mean "...and this was an open secret within the company." Show me a single company willing to admit to fraud at this scale.
Based on the numbers in the article, the fake accounts generated about $1 each on average. Based on my experience being charged fees much larger than $1 by banks, it seems like the vast majority of the accounts must have generated no fees.

I can easily see how that would happen. As a bank user, some line item in my statement with $0 in it wouldn't raise any eyebrows to me. And if I did get charged a fee, they would probably remove it if I complained. Even if my complaint got escalated, what are the odds it would be attributed to a system problem and not just some idiot who forgot he signed up for an account?

This happened to us. A Wells Fargo private banker offered a new Line-of-Credit. My wife said "no." We found a Line-of-Credit opened anyway. We complained. They apologized, saying they misunderstood our conversation. Which felt like they were of partially blaming us for not communicating clearly to them.