The invidious NSA scandal has reached yet another dimension: The US intelligence agency has reportedly spied on SWIFT financial data. And the review of the Snowden tapes showed that the United States spied on Brazilian oil company Petrobras which, if proven, would be tantamount to industrial espionage and has no security justification, according to Brazil’s President Dilma Rousseff.

In principle, cooperation with US security agencies is nothing new for SWIFT, but only in very rare situations, when there is clear suspicion of terrorism. SWIFT has always emphasised that it was forced to provide access to its data to abide by the law. However, it now seems as if the NSA is randomly wiretapping financial data without permission.

Apple iPhone 5s Touch ID
The new iPhone 5s released yesterday has an integrated fingerprint identity sensor in the home button:

The iPhone 5s will only let recorded fingers access the phone. But already some security researchers are saying thieves may chop off iPhone 5s owners’ fingertips to gain access. This is rather an extreme view, but the concerns about these fingerprint details being recorded and held in an Apple database are real. Apple executives stressed several times that the data never leaves the A7 computer chip on the phone. Even NSA cannot access this data - all Apple users hope.

Details of 2 million Vodafone Germany customers stolen
In a statement, the Vodafone says that the attacker managed to get hold of bank account numbers and sort codes, as well as names, addresses, dates of birth, gender information. Credit card numbers and PINs were not compromised.

The attack was carried out with "high criminal energy" and "insider knowledge", says the statement, but was stopped as soon as it was discovered. 

Controlling fraudulent practices and demonstrating due diligence
Not only do companies need to minimise internal fraud and stop bribery they also have to be able demonstrate to the regulators that they have the due diligence procedures and programmes in place. 

ACL has just launched an Anti-bribery and Anti-Corruption Solution. The packaged offering, built upon ACL software, consulting services and best practices templates distilled from working with Fortune 500 companies, enables organizations to implement a proven internal control framework rapidly that mitigates key bribery and corruption risks, which can otherwise result in costly fines, corporate reputational damage, and incarceration.

Their new solution packages ACL technology with expert consulting services to support 30 key controls monitored with 20 analytical tests that automatically comb massive quantities of data for suspicious patterns and share results for reporting and remediation.

Although most companies have a mature internal control framework in place with regard to financial reporting, these control activities seldom detect issues of bribery and corruption. One-off, haphazard approaches that lead to gaps in the monitoring and identification of instances of corruption, as well as a lack of technical skills required to establish technology-enabled anti-bribery mitigation1, leave organizations dangerously exposed.

---

Exposure to the authorities, hackers, internal fraud and bribery is now a critical concern to senior management and corporate treasury departments. The only solution will be a combination of systems and vigilant management AND government departments stopping doing fundamentally illegal actions to ‘protect us.’