Wednesday, February 20, 2013
By LAMECH JOHNSON
Tribune Staff Reporter
ljohnson@tribunemedia.net
A COURT in a $1.3m theft case heard yesterday how a verbal request was put in to Scotiabank’s Systems Support Centre by a loans officer at the Nicholl’s Town branch asking for the assistant branch manager’s system profile to be assigned to his password.
However, the bank’s senior manager of the department told a jury yesterday that the request made in 2008 was denied because it was not in writing, as protocol requires.
The senior manager told the court that no subsequent request was made.
As the senior manager of nearly four years gave his evidence in court, Natasha Evans and Tremell Taylor sat behind their respective attorneys listening to his evidence.
Both deny allegations of stealing by reason of employment, concerning the theft of $1.3 million from the Andros branch between April and June 2008.
At the time, Taylor was a trekker and Evans was the assistant branch manager.
Their former co-accused, former loans officer Byron Roberts, pleaded guilty on Monday about his role in the $1.3 million theft.
Yesterday, prosecutor Ambrose Armbrister asked the SSC senior manager to explain the purpose of that department.
The manager said the SSC governed all access to the bank’s systems, networks and also dealt with security system parameters.
He said the centre covered all Scotiabank branches throughout the Bahamas and the Turks and Caicos Islands.
When asked to explain the system that tellers use, the SSC official said that tellers used a programme called the Interactive Teller Platform that gives them a unique ID and password allowing them to perform their access to the bank’s system to perform their day-to-day interactions like key deposits and withdrawals.
He added that a new employee, who is given a password by company officials, must immediately change that password, or they would not be accessible to the system.
He said passwords for the company change on a routine basis and if they are not changed within the timeframe or notice given, tellers and other officers in the bank would not be able to access the system.
“Are tellers the only officials with access to this?” the prosecutor asked. The manager said no. He said that bank superiors such as branch managers also had access to this system.
“Is anyone other than branch employees allowed access to employee passwords?” Mr Armbrister asked. “No,” the manager said.
When asked if there was any other way a password change could come about other than expiration, the official said there could be a “forced change” at the request of the manager.
He said that the Nicholl’s Town branch fell under the SSC’s administration and all the bank’s systems functioned properly in 2008.
“If they did not, how would you know?” the prosecutor asked.
The manager said a daily check of the systems occur and if there is a problem, the branch manager would notify SSC.
“For the year 2008, did any request come from Nicholl’s Town giving notification for a forced change?” the prosecutor asked.
He said he knew of a verbal request that came from Byron Roberts asking for the assistant branch manager’s system profile to be assigned to his password. “Was the request granted?” the prosecutor asked. “No. The request was not granted because it was verbal,” the manager said.
Referring to deposits and withdrawals, the SSC senior manager said a maximum of $20,000 could be deposited and a maximum of $10,000 could be withdrawn. He said any more than that would have to be authorised by the manager. In cross-examination, Mr Gomez II asked the senior manager if the various systems used by the bank were accessible by a single password. “It depends on the user,” he said, adding that if the banker was a user of there three systems, one password could be used for all three systems.
“Is the manager of the bank capable of doing that as well?” the attorney asked. “Yes,” the senior manager of systems support centre said.
After further questioning, the attorney asked if a teller was making a withdrawal for over $10,000, would the bank’s system be able to tell which supervisor authorised it? “Definitely,” the senior manager answered.
Mr Ferreira referred to the manager’s testimony about one of the bank’s systems and asked if tellers had access to that critical system. “They don’t have server access,” he said.
The trial resumes today before Justice Indra Charles. Evans and Taylor are on bail.
Comments
Concerned says...
You really have to be at the level of complete dumbness to think you can get away with teefing $1.3 million and no one will notice. Love of money is truly root of all evil.
Posted 20 February 2013, 6:06 p.m. Suggest removal
Log in to comment