Disclaimer: This short article is not intended to discredit or generalize all banking institutions. Its purpose is solely to raise awareness and help customers understand the possible risks, as well as the appropriate steps to take should such incidents occur. Responsible banking practices and customer vigilance are both essential in maintaining trust and security.
A bank is expected to serve as a secure and trustworthy place to safeguard one’s money. However, there have been troubling incidents where funds have mysteriously gone missing, not due to scams, but without any clear trace accessible to the customer. In several cases, it was discovered that the theft was committed by the bank’s own staff, representing a serious breach of trust and governance. Such incidents typically involve insider threats, manipulation of internal systems, or exploitation of security vulnerabilities. In response, the bank has taken steps to strengthen its internal controls, enhance staff screening processes, and upgrade its cybersecurity measures.
Not limited to the following, these are some possible fraud cases and how the theft is disguised.
- Prevent the same employee from initiating and approving transactions,
- Implement dual or triple controls for sensitive operations.
- Ensure tamper-proof, automated, and real-time logging of all activities.
- Logs must be independently monitored.
- Limit access to transaction systems based on job role,
- Regularly review access privileges.
- Reconcile customer transactions with system logs daily,
- Conduct surprise audits on branches and back offices.
- Immediate SMS/email alerts for any withdrawal, transfer, or account update.
- Let customers flag unauthorized transactions promptly.
- Encourage staff to report suspicious activities anonymously,
- Ensure whistleblower protection.
- Test the integrity of core banking systems regularly,
- Identify and patch security vulnerabilities.
- Employees created millions of unauthorized accounts to meet sales targets.
- Fraud of over $1.8 billion through unauthorized SWIFT transfers.
- Hackers transferred $12 million after gaining access to SWIFT credentials (with suspected insider collusion).
- Report to the bank immediately in writing - detail the events as much as possible and attach any relevant documents
- File a police report and Bank Negara (if in Malaysia) - ditto -
- Anti-Money Laundering, Anti-Terrorism Financing and Proceeds of Unlawful Activities Act 2001 (AMLA) - Applies when the money was diverted and later laundered through businesses, banking channels, or cross-border transactions. (e.g. Section 4),
- Malaysian Anti-Corruption Commission Act 2009 (MACC Act) - applies when there is report, suspicion and prove of abuse of power, bribery, or collusion by government or bank officers in the diversion of the money. (e.g. Section 23),
- Financial Services Act 2013 (FSA) - applies when the offense involves commercial banks or financial institutions regulated by Bank Negara Malaysia (BNM).
- Penal Code (Act 574)
- Communications and Multimedia Act 1998 (CMA) - applies when digital systems or networks were used to commit or conceal the crime.
- Central banks periodically remove old, damaged, or outdated notes from circulation,
- These notes are supposed to be counted, verified, logged, and destroyed (burned or shredded),
- Insiders could falsely record that the currency was destroyed, while actually diverting the physical notes.
- Central Bank Controls,
- Serial number tracking of notes meant to be destroyed,
- CCTV surveillance and biometric access to high-security cash destruction zones.
- Random third-party inspections during destruction,
- Use of automated machines that count and shred notes without human contact,
- Auditing and Transparency,
- Real-time logging and cross-verification by independent departments,
- Forensic tracking of serial-number batches after destruction,
- Audit trails retained for a mandatory period, often years.
- Some bank officers were caught trying to launder old currency meant to be surrendered and destroyed,
- Allegations arose of old bills being recirculated or exchanged on the black market.
- cases were reported of cash meant for destruction re-entering circulation via insider collusion.