Computer Programmer withdraws cash from ATM without any record

In a strange, but very alarming, case reported in the media, a former Bank of America computer programmer was found guilty for ATM fraud.

 

As per the reports, Rodney Reed Caverly was hired by BOA to design and maintain its computer systems, and had been assigned to work on a project involving the bank’s ATM sytems.

 

Caverly over a period of 6 months during mid 2009 deployed a malicious computer code in around 100 BOA ATMs. The code was written to disburse cash from the ATMs without any transaction record of the cash disbursement.

 

The thought of something like this happening is so scary … what if a rogue coder can write a code that no matter which card is inserted into the ATM, the withdrawal will be debited from say Mukesh Ambani’s bank account !!

 

While banks spend a lot of money aiming to secure their networks from external attacks and take pains to segregate duties and whatnot internally, a smart, evil employee will always be able to make a mockery of its defenses. Hence the need for very strong internal control processes and a reconciliation and monitoring mechanism.