“We have problems with our physical security, operational security through to management.” …Kevin Mitnick
The Kenyan Commercial Bank robbery
“NAIROBI (Reuters) – In a heist reminiscent of a Hollywood movie, Kenyan robbers spent months tunneling into the bowels of a bank located opposite a police station and stole the equivalent of half a million dollars, police said on Tuesday.
Police said they had arrested two men and one woman over the robbery but had not recovered the 50 million Kenyan shillings, reported missing by staff at the branch of Kenya Commercial Bank (KCB) on Monday when they showed up to work.
“We have not recovered the stolen money,” said Simba Willy, sub-county police commander in the town of Thika, northeast of Nairobi, where the heist took place.
“We suspect the robbers hired one of the shops near the bank (while digging their tunnel),” Willy told Reuters.
The robbers were able to remove the earth during their months-long excavations without arousing suspicion by concealing it in boxes, the Daily Nation newspaper quoted local traders as saying.
The traders described the two young men who had rented the store as “very hardworking” and “introverts”.
This news in 2018 about the break-in of the Kenyan Commercial Bank through a tunnel dug into the vault reminds me of a film I watched many years ago where a group of bank robbers used exactly the same technique.
Physical Security in Branches
This section is typically the preserve of the Operations Manager in the typical branch environment. Due to automation, some of the functions may not be applicable especially in the case of a near cashless banking environment. However, for the sake of the existing banking structures which cater for a section of the public who still rely on physical interaction, it becomes relevant.
Modern bank branch designs include high-resolution cameras, integrated access control, video surveillance systems, and biometric authentication systems. These systems provide a secure environment for the bank staff, customers, and assets.
It seems physical security in branches is treated lightly by some managers. Let us follow a journey or survey of risk awareness program in many branches of banks. It will leave you with how vulnerable bankers can be in branch banking. It will explain the necessity of making sure that policies and procedures on risk need to be as down to earth or as practical as possible.
It will also bring to the fore the implications of some board room decisions, carved out into beautifully-worded handbooks for staff who may have no idea about the various concepts and fundamental reasons that went into the policy decisions. For implementation purposes, these guidelines need to be regularly hammered and escalated down for all staff to appreciate and use. As a manager, how is your branch’s physical risk management dashboard?
Revelations from some Branch Visits
Since the branches are the ‘nerve centers’ of banks, they are therefore the key outlets where most transactions take place, and obviously at more risk. A risk awareness program should not just be made up of itemizing a list of ‘do’s and ‘don’ts’. People easily get fed up with listening to instructions.
If you are a risk manager, why don’t you pay unannounced visit to branches to find out how risk conscious they are. Try to reach the destination early, about 6.30am when most staff have not arrived. What were the likely revelations?
- The security guard may not be ready for work…. still dressed in mufti clothes or not even available. Perhaps the night shift security man had left, leaving the branch very vulnerable.
- The front door may be left ajar, especially in branches where there is only one entrance (no back door, only one exit in case of fire or alarms). Seriously! Where is our Bank of Ghana? Did it allow branches to be opened without visiting the structures? At that unusual hour, you, the risk manager on a visit can even enter certain branches without your staff ID. If they do not even know you, you can decide to tell the security guard and cleaner that you are a manager from Head office to conduct training. After admiring your car, some of them may let you in with a flourish, carrying your bag with a laptop and they gave me the full African respect! You could be carrying a bomb or a gun! In some branches, the cleaner will stop you in your tracks and call the branch manager on phone to confirm my visit. Yes, that cleaner should be recommended for some appreciation, for his show of security consciousness.
- You have every power opening the unlocked cabinets, opening unlocked drawers which may contained some incriminating documents…. you know what.
To Branch and Operations Managers, do you know that “while you are busy sleeping, your legs are outside?” (as we literarily say in Akan). You need to take your much-needed sleep, but these are some of the dangerous state or red flags you might have left at the branch:
- Cluttered desks, confidential documents in the printer, identity cards in the Remittance Teller’s enclosures which some excited customers forgot after receiving their remittances from abroad. Loose and opened files showing customers’ correspondence with the bank, with their exposed signatures and personal information!!
- Un-shredded documents like computer print-outs of customers’ transactions revealing so much information which fraudsters would have paid thousands of cedi to get. The duty of confidentiality has become a joke.
- Customers’ copies of cheque or cash deposit slips in the drawers of tellers, and customer service staff.
- Blank letterheads, statement sheets and even real customers’ statements waiting to be collected. This is “gold” for visa racketeers!!
- Unlocked cabinets with customers’ loan files and mandate files……Oh! What a treasure for recalcitrant loan defaulters! Do you want to take them to court for wilful default? Wait until you start preparations for court, and you will never find the original loan file! It is an age-old problem.
- Official stamps lying about. When it is copied and used for fraud, the staff may suspect the poor, innocent cleaner.
- CCTV not working? Have the relevant department been notified? How was it positioned? Where were the back-ups kept? Are the recordings being over- ridden when replayed? Were the complaints logged?
- Customers’ cheques which have been sent for clearing not under lock and key!
- Electronic gadgets still on after close of work, and overnight…especially the printers, air conditioners, photocopiers, kettles still plugged in, etc?
- Many staff may not have had any training on fire prevention and may be ignorant of such end of day procedures.
Collecting all such exhibits and exposing risky issues during visits on fraud and risk prevention training will make much more sense to the staff as they begin to appreciate the extent to which their activities can lead to losses to the bank. Ignorance is indeed a disease.
There is more to add on, but let me pause here. For more insights on this topic, please book a copy of my new book, “THE MODERN BRANCH MANAGER’S COMPANION” which involves the adoption of a multi-disciplinary approach in the practice of today’s branch management. It also shares invaluable insights on the mindset needed to navigate and make a difference in the changing dynamics of the banking industry. Call 0244333051 for your copy.
TO BE CONTINUED
ABOUT THE AUTHOR
Alberta Quarcoopome is a Fellow of the Institute of Bankers, and CEO of ALKAN Business Consult Ltd. She is the Author of Three books: “The 21st Century Bank Teller: A Strategic Partner” and “My Front Desk Experience: A Young Banker’s Story” and “The Modern Branch Manager’s Companion”. She uses her experience and practical case studies, training young bankers in operational risk management, sales, customer service, banking operations and fraud.