The power of one (Editor’s notes)

Laws and regulations won't stop an employee with a little knowledge from beating the system

Go ahead. Ignore that problem employee. After all, how much damage can one person really do? In an era of Sarbanes-Oxley (SOX) compliance, checks and balances and redundancies, corporations are pretty insulated from the actions of a single rogue employee, right? (I can already hear some HR folks chuckling…)

France’s second largest bank, Paris-based Société Générale, has about 4.9 billion examples it can show employers as to how much damage one person can do. That’s how many Euros the bank lost — about $7.3 billion for those counting on this side of the Atlantic — after Jerome Kerviel, a 31-year-old futures trader, orchestrated a series of bogus transactions that spiraled out of control.

Experts say it was this worker’s superior knowledge of every aspect of trading at the bank that allowed him to circumnavigate the checks and balances in place.

Axel Pierron, a senior analyst at Celent, a financial consulting firm, said the situation shows that banks, despite the implementation of sophisticated risk management solutions, can still be jeopardized by an employee with a little knowledge.

So, legislation such as SOX and risk-management practices might stop a junior manager from scamming a $10 lunch, but apparently there are still a few loopholes.

But hey. That’s a giant overseas bank. Smaller employers aren’t open to that kind of risk, right? Well, there’s an architectural firm in Jacksonville, Fla., that might beg to differ. Marie Cooley, a 41-year-old employee at Steven E. Hutchins Architects, saw a help-wanted ad in the local newspaper for a position that looked a lot like hers. It even had her boss’s phone number listed.

Cooley, under the assumption she was about to get the boot, decided to go to the office on a Sunday night and get revenge. She erased seven years’ worth of drawings and blueprints with an estimated value of $2.5 million US.

It didn’t take the owner long to figure out who deleted the files — Cooley was the only person besides him with access. She was fired, arrested and charged with a felony. The firm managed to retrieve all the data, using an expensive data-recovery service.

Neither acts did the perpetrators much good. The bank trader apparently didn’t benefit at all financially from his wrongdoing, and the chief executive officer called his motivations “irrational.” Cooley’s fears about losing her job were completely unfounded. The job posting, it turns out, was for Hutchins’ wife’s company.

There’s no strong lessons for employers here. People are unpredictable and, for better or for worse, employers have to put trust in them. Good recruitment practices can mitigate some of the risk, and legislation, policies and redundancies can further reduce it. But if someone is bound and determined to cause problems, he’ll find a way.

Latest stories