Employee, not hackers, behind the possible fraud incident: UnionBank

The bank says it is conducting a “rigorous” internal probe to know the extent of the issue.

By Adrian M. Reodique
July 4, 2017

possible fraud incident in UnionBank
Credit: UnionBank Facebook page.

The Union Bank of the Philippines (UnionBank) has clarified that the recent possible fraud incident was not caused by external cybercriminals, but it is most likely the works of one of its employees. 

"UnionBank, during its routine checking, found out about a possible fraud incident involving one of its employees," the bank posted on its Facebook page on Sunday night (2 July 2017).  

"To mitigate the situation, the bank has already handed the case to the proper authorities for a more thorough investigation. Along with this, the bank is also conducting a rigorous internal probe to know the extent of the issue. Importantly, this incident is not in any way involved with cybersecurity or cybercrime," it continued.

The statement was posted a day after one of its female bank officers in its Ortigas, Pasig City branch was arrested by police operatives for allegedly stealing P17 million. She was believed to have made an unauthorised cash transfer from the bank's Ortigas Cash Centre to the Caloocan City Cash Centre on Friday (30 June 2017) afternoon, according to a report by GMA News Online.

This incident came weeks after the senate started probe on 21 June 2017 on the recent system errors experienced by the Bank of the Philippine Islands (BPI) and Banco de Oro (BDO), which drew concerns from the public.

BPI on 7 June reported an internal system error that caused some transactions between 27 April and 2 May 2017 to be double posted on 6 June.

In a report by CNN Philippines, Ramon Locsin Jocson, head of Enterprise Service Group at BPI, said the incident was caused by a human error and not hacking. BPI President and CEO Cezar Consing added that clients' data were not breached.

In a separate report of the probe by ABS-CBN News, Edwin Romualdo Reyes, executive vice president of BDO, confirmed that the three separate fraud events the bank recently faced were caused by skimming hacks of its seven automated teller machines (ATMs).

Reyes said the bank has disabled the cards that were compromised by the hack. The bank will also reimburse the clients who were affected by the unauthorised withdrawals.

Meanwhile, the Bangko Sentral ng Pilipinas (BSP) recently reminded its supervised banking and financial institutions that they have one more year to complete their Europay, Mastercard, and Visa (EMV) chip migration. The hard deadline to meet the requirement is 30 June 2018.