Expert reveals remote theft from bank
A BANKER and head of fraud and investigations division has narrated how remote access was used to interfere with accounts amounting to K6,198,000 at a named bank.
Appearing at the magistrates court was Rashid Xyagulani accused of unauthorized access.
Kangwa Luwo, 55, of Lusaka West said a manager of Mulungushi Atlas Mara branch advised him of an issue affecting three cooperate accounts.
He said he was informed that there was interference drawing on three cooperate accounts with an amount of K6,198,000 done between December 31 2019 and January 2 2020.
Luwo told the court he requested that beneficiary accounts and drawing accounts be stopped immediately.
He said the cooperate accounts involved were Zambia National building society treasury account ending with 3734, Zambia National building society main account ending with 3009 and local Authority Superannuation Fund ending with 0005.
Luwo said in his investigations he learned that transaction was not authorized by account holders.
He explained that though transfers and other types of drawings can be conducted through written instruction to the bank, such transfers and drawing is evidenced by electronic instructions and authorisation by authorized signatories (customer) on each transactional activity.
However, there were no instructions either physical or electronic, he said.
There are, he said, two users on the core banking system, the first user from the core banking system will introduce transaction into the core banking system by debiting one account and crediting another.
Luwo explained that the second user has a checker role meaning, validating what has been introduced in the core banking system with original customer instructions and that only when the checker is satisfied that the instructions have been followed, authorisation given for the transaction to proceed.
He said there were no instructions for any of the two transactions and the two users were oblivious of the transaction and not physically present.
He said at various times, transactions were actualised and it was determined that absence of their presence by viewing the closed circuit television bio-metrics access control system which both showed absence of the two.
The witness also said the physical location of the computer used to force the transaction was not known.
He said he discovered the transaction started on December 31 at around midnight, the transfers from three accounts to the 18 beneficiary accounts were conducted after banking hours.
The transaction was conducted on January 1, a non business day because it was a holiday and the branches were closed and the two users did not have access to branch facilities to have conducted the transactions.
He said by remote access it is possible for a person to access application seated on a computer that is not in the same location as the person over the Internet.
He said the options include remote Desk protocol RDP, VPN and Microsoft teams. He said the bank suffered a loss of K69,185 and K200,000 and K6,198,00 was partially drawn.
The matter comes up on June 12 for continued trial.