Wipro plans to undertake internal restructuring of its finance department, reports CNBC-TV18, quoting sources. In an interview with CNBC-TV18, Vijay Mukhi, Consultant - Cyber Law, DSK Legal gave an insight into how such embezzlement could have gone undetected, and what companies can do to strengthen their security systems.
Sources say the fraud was committed through online means and the amount siphoned into a personal account. Wipro is yet to report the matter to the police.
The IT major plans to tighten online security within the company and will appoint an agency to monitor accounts. It will also issue investigations into other departments as well.
In an interview with CNBC-TV18, Vijay Mukhi, Consultant - Cyber Law, DSK Legal gave an insight into how such embezzlement could have gone undetected, and what companies can do to strengthen their security systems.
Here is a verbatim transcript of the interview. Also watch the accompanying video.
Q: Why is it that the company hasn't proceeded with action against this employee apart from suspending him?
A: I have seen scams which have been bigger than this and when the company management talks to you, the first question they normally ask you is we don’t want to go to the press or the police. So I am not surprised at the fact what Wipro has done nothing about it so far.
Q: Where do you think the lapse has happened? This is a very through professional company with one employee over a period of time hacks into the system and Rs 20 crore is moved into his account. Why did this go undetected?
A: I think this went undetected because Wipro may have used auditing techniques which are manual. When you are the size of a company like Wipro you need a software which can keep track of all these transactions like the airline industry uses it to check that my credit card is not misused. So you need anti-money laundering to check for fraud which obviously Wipro didn’t do.
Q: What can Wipro do now? Keeping this quiet and suspending the employee is no solution and you would agree with that. Whether companies like to talk or go to the press or Wipro in this case has put out a statement and perhaps many companies wouldn’t even have done that, but under the law how should Wipro proceed and shouldn’t a person like this be brought to justice?
A: If Section 66 of the IT Act applies, it is a clear cut case of hacking. Now what Wipro needs to find out is, is it one employee or were there 50 other employees who were a part of it? It is odd that you have such a big scam and you have only one employee involved.
I believe this should go to the police and court and tell everyone that cyber crime in India doesn’t pay. Today the big problem is that there is no conviction. So the cyber criminal gets away with murder.
Q: So what would be the lessons from this incident, more specifically other IT companies?
A: First lesson is that when IT companies don’t take the cyber crime cases to court. The entire ecosystem doesn’t learn how to fight cyber crime. I think that is what we need to do. We need more companies to go to the police.
READ MORE ON Vijay Mukhi, DSK Legal, Wipro, internal restructuring, finance department, Section 66, IT Act, hacking, cyber criminal
ADS BY GOOGLE
video of the day
Budget 2015-16: Revive capex through savings on cheap crude says Kotak Sec