November 1, 2016 at 10:01 pm
Comments posted to this topic are about the item Generating Our Own Bad Data
November 2, 2016 at 6:59 am
I think to even suggest that the IT department could/should have prevented the mess at Well's Fargo is dangerous and perhaps unethical. Consider the news: people who pointed out the fraud were routinely fired.
I do think that IT can play a role in helping detect employees gaming the system. I think much of business could be improved by partnering with the IT department to make things better. But... I also think this is a long way from becoming the norm. And I don't believe that it is likely to change anytime soon.
November 2, 2016 at 7:15 am
Any time someone mentions bug bounties, I'm reminded of a 20yr old Dilbert strip...
As for systems catching this sort of fraud automatically, I can see several indicators that could be monitored, such as the frequency of new accounts being opened by existing customers, but even that would still require verification. With the "front-line" people being incentivized (by bonuses, etc) to fraudulently open accounts to exceed their sales targets, their supervisors likely being incentivized to ensure their staff is hitting / exceeding targets, and so on up the chain, there's little incentive to stop / prevent the fraud.
Until they get caught.
Cynical me sees a situation where the company puts in place an "internal fraud prevention team" to verify new accounts, who are incentivized to prevent X number of fraudulent accounts per quarter, teaming up with sales people to generate fraudulent accounts for the prevention team to "find" so they hit *their* numbers.
Credit monitoring sounds like a partial solution, except it's only going to tell you after the fact. (Arguably, a good, but not free, way to reduce the likelihood of fraudulent credit accounts being opened in your name is a credit report "freeze," now your credit can't be run without you contacting the bureaus to unfreeze your reports)
Arguably, this sort of problem won't go away until companies begin to have more realistic targets for bonuses. Currently, I'd not be surprised if it's more a case of "your target last quarter was 100 units and you hit 200, great job! Since you're so good at your job, next quarter your target is 1000 units!" If they're paying (making numbers up) $100/unit over target in bonuses, there's a LOT of incentive at stake, potentially enough to push a normally honest person over into committing fraud...
November 2, 2016 at 7:47 am
I don't think that a computer system could have detected the fraudulent activity at Wells Fargo. This was a systemic problem across the branches from the account representatives up through the branch managers. The employees were gaming the system to artificially make their sales quotas.
November 2, 2016 at 8:07 am
kiwood (11/2/2016)
I think to even suggest that the IT department could/should have prevented the mess at Well's Fargo is dangerous and perhaps unethical. Consider the news: people who pointed out the fraud were routinely fired.I do think that IT can play a role in helping detect employees gaming the system. I think much of business could be improved by partnering with the IT department to make things better. But... I also think this is a long way from becoming the norm. And I don't believe that it is likely to change anytime soon.
If IT was providing executive management with reports indicating an unusual spike in the number of new accounts opened and fees generated, then they have done their due diligence. IT's job is to produces accurate information from data. It's executive management's job to interpret and act on that information.
Still, it wouldn't surprise me if it were IT "geeks" who ultimately blew this whistle on this fraud. I believe that IT people in general tend to have a keen sense of right versus wrong. For example, most of us here would agree that 2 + 2 = 4 regardless of the financial, social, or political context. We're number crunchers at heart, not grifters or activists. However, society in general takes a more subject view.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
November 2, 2016 at 8:10 am
I don't feel it's the job of IT to play vigilante and hunt down people potentially abusing the system, unless you work in InfoSec and are just an evil person.
November 2, 2016 at 8:15 am
One big problem I have with conventional society is that we have way too many people in suits trying to hustle for money and not enough engineers, laborers, and teachers who are building, producing, and fixing things.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
November 2, 2016 at 8:50 am
I do not work for Wells Fargo, nor have I ever worked for them. Steve, in your article you suggested that data professionals should do more to help prevent fraudulent activity happening, such as it did at Wells Fargo. My guess is that there wasn't anything in place to detect this. That some people realized they could get away with it and make money, make quotas or get promotions because of the lack of constraints being in place. I could be wrong of course, I'm just making an educated guess based upon how I might do it, if I were not scrupulous and happened to work there.
Kindest Regards, Rod Connect with me on LinkedIn.
November 2, 2016 at 8:51 am
Terry Pratchett described how the city of Ankh Morpork dealt with a plague of rats by paying a bounty on dead rats delivered. Despite this the rat problem kept getting worse until the city Patrician solved it by saying "tax the rat farms".
You get what you bonus for.
Daniel Pink described the phenomenon in some detail in his book "Drive". You have to be so careful when you design an incentive scheme or benefits system. If it can be gamed it will be gamed. How well did Bankers Bonuses work out for us all by the way?
If anything a bonus system does more harm than good because in addition to skewing the system performance drops to a lower level than when you started when the bonus system is removed.
November 2, 2016 at 9:00 am
David.Poole (11/2/2016)
Terry Pratchett described how the city of Ankh Morpork dealt with a plague of rats by paying a bounty on dead rats delivered. Despite this the rat problem kept getting worse until the city Patrician solved it by saying "tax the rat farms".You get what you bonus for.
Daniel Pink described the phenomenon in some detail in his book "Drive". You have to be so careful when you design an incentive scheme or benefits system. If it can be gamed it will be gamed. How well did Bankers Bonuses work out for us all by the way?
If anything a bonus system does more harm than good because in addition to skewing the system performance drops to a lower level than when you started when the bonus system is removed.
Unfortunately for me I've never worked at a place that offered bonuses. (It's sometimes amusing when talking with recruiters. "What? You haven't any bonus??") But I would hope that not every place that has a bonus will give in to fraudulent activity. I still hope to one day work at a company that offers bonuses.
Kindest Regards, Rod Connect with me on LinkedIn.
November 2, 2016 at 9:55 am
One thing I try to be on the lookout for is our (my) tendency, as someone who works in technology, to attempt to solve all problems, regardless of their nature or root cause, with technology.
The Wells Fargo mess is an excellent example of an ethical/managerial problem. As others have pointed out, lower level employees who brought the issue to the attention of management were promptly fired. Fancier technology would not have turned corrupt management ethical.
November 2, 2016 at 10:17 am
Eric M Russell (11/2/2016)If IT was providing executive management with reports indicating an unusual spike in the number of new accounts opened and fees generated, then they have done their due diligence. IT's job is to produces accurate information from data. It's executive management's job to interpret and act on that information.
There seems to be a fundamental belief that the data had unusual spikes. But the information available suggests otherwise. All information suggests that they added a single extra account here and there to customers over an extended period of time.
Because there is mounting evidence that he knew or should have known what was happening, there are calls for the CEO to face criminal charges. Given that so many people who worked in the office believed fraud was normal I fail to see how IT is going to magically stop it.
As for the due diligence comment - I am a bit shocked. It is not the job of IT to setup monitoring for internal fraud without input or guidance from management. Suggestions otherwise are a bit frightening.
November 2, 2016 at 10:19 am
In the case of WellsFargo Bank, what's notable is how many people were involved and pervasive it was across practically all it's regional locations. I'm not sure that putting the right information in front of the right WellsFargo executive would have solved anything. I've heard interviews on the radio from people who say they reported the issue to their branch manager, and the only response was for the bank to investigate (retaliate against) THEM.
However, the Gate Keepers of the database are in a unique position to see everything coming in and going out of the system, and somebody apparently had to courage to blow the whistle to law enforcement and the media.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
November 2, 2016 at 10:24 am
kiwood (11/2/2016)
Eric M Russell (11/2/2016)If IT was providing executive management with reports indicating an unusual spike in the number of new accounts opened and fees generated, then they have done their due diligence. IT's job is to produces accurate information from data. It's executive management's job to interpret and act on that information.
There seems to be a fundamental belief that the data had unusual spikes. But the information available suggests otherwise. All information suggests that they added a single extra account here and there to customers over an extended period of time.
Because there is mounting evidence that he knew or should have known what was happening, there are calls for the CEO to face criminal charges. Given that so many people who worked in the office believed fraud was normal I fail to see how IT is going to magically stop it.
As for the due diligence comment - I am a bit shocked. It is not the job of IT to setup monitoring for internal fraud without input or guidance from management. Suggestions otherwise are a bit frightening.
By "due diligence", I simply meant that IT has a responsibility to provide executive management with accurate reports.
"Do not seek to follow in the footsteps of the wise. Instead, seek what they sought." - Matsuo Basho
November 2, 2016 at 10:45 am
Eric M Russell (11/2/2016)
One big problem I have with conventional society is that we have way too many people in suits trying to hustle for money and not enough engineers, laborers, and teachers who are building, producing, and fixing things.
Agreed
Viewing 15 posts - 1 through 15 (of 33 total)
You must be logged in to reply to this topic. Login to reply