×

Warning

JUser: :_load: Unable to load user with ID: 468
Wednesday, 28 June 2006 05:22

Employee fraud at HSBC BPO in Bangalore

By
ImageAfter employee fraud last year at MSource, an Indian BPO centre in Pune in the western part of India another one has come to light and this time it is in Bangalore. An HSBC employee has been charged with stealing confidential data of the bank’s customers in UK to illegally transfer their money without their knowledge.

The complaint was lodged by the HSBC shared services centre -- HSBC Electronic Data Processing India (HDPI), against its employee Nadeem Kashmiri with the Cyber Crime Police Station in Bangalore on June 22.

The company has alleged that Nadeem has “accessed personal information; security information and debit card information” of some of its customers in the UK and has passed it to “co-fraudsters”, for conducting “fraudulent transactions through ATM, debit cards and telephone banking services at the behest of Nadeem.”

The loss is estimated at 233,000 pounds.

The fraud came to light after 20-plus UK customers of HSBC realized that money was suddenly missing from their accounts and subsequently lodged a complaint with the bank stating that funds were “transferred without their knowledge,” between March and May this year and that they “did not know, who transferred the monies.”

In the first information report (FIR), HDPI has stated that the bank conducted an internal investigation and found Nadeem to be the main culprit. “He has accessed the customers’ account without any business requirement and changed the personal information, security information and debit card information. He did not log his access on the front end of the business application, as is the mandatory procedure,” the FIR stated.

The backend system logs indicated that Nadeem accessed the information. Later, his accomplices called and cleared the procedural security requirement and “requested him for the balance information and conducted the fraudulent transaction. Nadeem facilitated his accomplices to impersonate the actual customers to enable them to cheat the HDPI and HSBC customers,” the FIR stated.

In the process of investigation, the HSBC also found that Nadeem joined HDPI on December 12, 2005 using “false records and misrepresentation."

He omitted to mention his employment with Accenture and provided false references for conducting reference checks.

The bank has alleged that Nadeem joined HSBC “with the intention to deceive and cheat the bank and its customers. He accessed customers accounts without authorisation from the day he was deputed on the processing floor, on February 6.”

The company spokesperson has said that the internal security team discovered that one of HSBC’s staff in Bangalore had caused customer data to be leaked, “which has resulted in a small number of accounts in the UK being compromised. The employee has been suspended and the crime reported with the Bangalore police.”

Last year in April five employees of MsourcE, the BPO arm of MphasiS BFL (now acquired by EDS) were arrested for allegedly pulling off a fraud worth nearly $425,000 from the Citibank accounts of four New York based account holders. The case is under investigation.

A couple of months later, the Sun tabloid in a sting operation purchased the bank account details of 1,000 Britons for about $5.50 each from one Karan Bahree, an employee of Gurgaon-based BPO company Infinity E-Search, who allegedly sold the information to an undercover reporter. The case was registered in London.

The reason for such lacunae in the system is the fact that BPO firms are feverishly recruiting and there is not enough time for inadequate employee verification.

According to a verification company, an interview for a candidate lasts an average of about 5 minutes. “How well can you verify that candidate in that time frame? It is critical to get a proper verification of candidate's education, employment and other details done but most companies are willing to let that pass – because it costs about $ 200 per employee and they are not willing to foot that” says a CEO of a verification firm.

In the HSBC case, the employee had furnished false information about himself. As per the police complaint, he had not mentioned his previous employment with Accenture and had provided false references for conducting reference checks. But HSBC appears to have overlooked all of this.

“After the MSource fraud, employee verification has become a serious issue and companies have put in place stringent rules for security and employees providing false information have been fired in some BPOs,” said Nasscom president Kiran Karnik.

Experts add that employee verification and risk mitigation should be placed under an information security department, and not under the HR department as is typically done. “HR does not understand security issues – they are more interested in hiring and placing a candidate quickly but the information security should play a stronger role in recruitment,” they say.

Subscribe to Newsletter here

WEBINAR INVITE: Exploring Emerging Strategies for 5G Monetization

Network Operators continue to invest in 5G and build out their infrastructure.

With the recent impact of world events, the pressure is on to explore additional ways beyond traditional subscription models to monetize existing investments and speed up returns.

Creative thinking is key in this space, and in this webinar, you will learn about innovative ideas for Network Operators and Enterprise Business to enable new services and opportunities to drive incremental revenue.

Join us for this thought-provoking webinar with ITR Analyst, Marc Einstein, where you will learn about:

- Key industry 5G trends
- How COVID-19 is driving innovation and potential new business opportunities and applications for 5G

Click below to register your interest for the AUGUST 26, 4PM WEBINAR (AEST)

REGISTER NOW!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

These days our customers Advertising & Marketing campaigns are mainly focussed on Webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://www.itwire.com/itwire-update.html and Promotional News & Editorial.

For covid-19 assistance we have extended terms, a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE

BACK TO HOME PAGE

WEBINARS ONLINE & DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

ResearchWire

Guest Research & Case Studies

Channel News

Comments