• Investment World
• eWorld
• Catalyst
• Mentor
• Life
• Canvas
• Praxis
• Urban Pulse
• Brand Quest

Stocks

• Quotes
• SE Diary
• Scoreboard
• Open-End Mutual Fund

Cross Currency

• Rates
  
  

Shipping

• Ports
  
  

Archives

• Yesterday
• Datewise
• Resources

Group Sites

• The Hindu
• Business Line
• Sportstar
• Frontline
• The Hindu eBooks
• The Hindu Images

D. Murali

"PHONE records show suspect's location before millionaire's slaying," reads the headline of a story on www.wnep.com about a recent crime in New York. Another crime story is on www.sun-sentinel.com, about cell phone conversations, containing discussions of how to set up the stock swap scheme, included in the court records of a `boiler room' fraud; the multimillion-dollar scheme had duped "more than 60 investors from 14 countries." From yet another report on www.phoenixvillenews.com is this snatch: "Clark denied being in Norristown that night but detectives, using Clark's cell phone records, determined that Clark had allegedly lied about his whereabouts that day and night."

Thus, cell phone records are repositories of giveaway clues especially when perused by cops in crime cases, such as the recent one that supposedly involved deploying mercenaries for a liquidation job. These are, however, not the sort of records that an auditor may get to see in his routine work. Of greater concern to him is financial crime, where again, going by reports datelined Chennai and Kancheepuram, there appear to be too many questions on transactions. When data are electronically held, crimes can byte off more than what can be borne by the affected, and chew at the financial vitals of organisations.

"Financial crime is nothing new," acknowledges the Financial Services Authority (FSA) of the UK, which has "a statutory objective to reduce financial crime." However, the ways in which financial crime is being committed are changing, notes the FSA in its recent report on the Financial Crime Sector, titled "Countering Financial Crime Risks in Information Security".

First among the findings in the report is that firms could be more active in managing information security risks rather than being reactive to events, "to protect better their own assets and those of their customers from the risk of fraudulent activity." Though the study is of British firms, many of the observations have universal appeal, such as "heightened awareness of the financial crime risks arising from poor information security; and serious incidents such as failed firewalls and virus infections, as well as other near misses.

`Phishing' and identity theft is a major problem that the report discusses. "They affect consumers and firms alike and are often one of the ways organised criminals raise money to fund more serious criminal operations such as people trafficking and drug smuggling." What happens in `phishing' is that the criminal sends "spoof emails misrepresenting corporate identity to trick individuals to disclose personal financial data such as account numbers and PINs." To create the semblance of respectability, perpetrators create "Web sites that mimic the trusted brands of well-known financial firms". Scamsters are getting more professional too because there are fewer grammar mistakes in `phishing' mails!

FSA found that a small UK firm took ten days to figure out what to do after it was advised of a fake copy of its corporate Web site bearing its name. Ultimately, the firm's solution was "to ask the US Secret Service to contact the US-based Internet Service Provider" to remove the site. That is an example of what your company better not do, rather than approaching the WIPO Arbitration and Mediation Center (http://arbiter.wipo.int) that offers a simpler resolution to domain name disputes. Many crimes, both financial and the rest, are traceable to wily insiders, where the antidote or deterrent can be in the form of proper internal controls. One of the oldest `insider' jobs, not counting Satan in the Garden of Eden, was that waged in Troy by soldiers who spilled out from the big wooden horse. As if in their honour, `phishing' Trojans download themselves from hoax pages and "secretly log keystrokes when a consumer visits an online banking site". How do you fight the inside enemy? Not easy, because "currently, there are no published good practices for firms or consumers to follow to combat `phishing' Trojans," according to the FSA. A safe bet is to maintain "up-to-date anti-virus software". In bold italics, as in our Accounting Standards, is this tip from FSA: "Employee action, deliberate or accidental, can potentially result in serious information security issues such as virus infections. Staff should be provided with education of the firm's information security policies and procedures on joining. And they should receive additional updates on emerging threats to minimise risk."

Though it sounds drab and rhetorical, this advice makes sense not only with regard to electronic data but also simple things such as cutting cash vouchers for large sums. Often accountants come under pressure from their superiors to acquiesce in recording transactions that are `infected' by info gaps, which in the process of some probe later on may unravel as a key links in a crime strategy. Education, therefore, should include lessons on blowing the whistle appropriately. Won't it be too trivial to instruct your officers in the use of cell phones - that they don't leave it unattended? Yet, it makes eminent sense because what may frame you in a crime may not be a bloody dagger in your hands but the number of the killer's phone on your mobile and perhaps a call log that it was received and responded to.

If, instead of you, someone had operated your phone, what you have again is a case of identity shift that would be tough to prove, however hoarse you cry, "No, that was not me! I am Dr Jekyll, not Mr Hyde!"

Christopher Marlowe would remind you how identity can have a tussle. On one side the Good Angel advises, "O Faustus, lay that damned book aside, and gaze not on it, lest it tempt thy soul," while the Evil Angel goads, "Go forward, Faustus, in that famous art, wherein all nature's treasury is contained."

And elsewhere, Marlowe writes: "His study fits a mercenary drudge, who aims at nothing but external trash, the devil and illiberal for me: When all is done, divinity is best."

To wrap, after that literary deviation, all said and done, in financial dealings, prudence is the best. This is not what Faustus said, but I'm sure this can help avert someone foxily pulling a fast one on us.

AccountSpeak@TheHindu.co.in

More Stories on : Accountancy | Economic Offences | Account Speak

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page

Stories in this Section
Arrest the drift

Copyright © 2004, The Hindu Business Line. Republication or redissemination of the contents of this screen are expressly prohibited without the written consent of The Hindu Business Line