Last month, on the occasion of Rafidain Bank’s 69th anniversary celebration, the chairman reported that the bank was looking forward to implementing its new IT system “as soon as possible.” The system, which includes the Mysis products “Bankmaster” and “Branchpower,” is supposed to increase efficiency and reduce operational risk by bringing together information throughout the bank onto a single automated platform.
While the chairman didn’t mention it, this project seems to have fallen a bit behind schedule. In January, 2009, it was reported that the bank would be bringing its 167 domestic branches online at a rate of three per week, which would have meant that the entire network should have been operational by the first quarter of this year.
And there’s evidently not a minute to lose. No sooner was the anniversary celebration concluded than three Rafidain branches were found to be involved in a scam to funnel bank funds to private businesses. The resulting loss came to a staggering US$ 350 million—the biggest theft in the bank’s history. This is exactly the type of operational risk failure that the new IT system might have detected.
Unfortunately, however, corruption at Iraq’s state-owned banks is likely to require more than just a technological fix. The problem is that IT systems are relatively ineffective in preventing fraud when there is collusion among staff, particularly if upper-level management is involved. These systems work best when you’re dealing with a single individual acting in secret—the typical perpetrator of insider frauds at the internationally active banks. Sooner or later a colleague is likely to notice irregularities in the system’s automatically generated activity reports.
But if the colleague, her supervisor, or even the branch manager is involved as well, those reports are only going to end up in the paper shredder.