Requiered: It Might Be Argued That The Physical
Requiered: It Might Be Argued That The Physical
Requiered: It Might Be Argued That The Physical
firm that did consulting work for Security Pacific Bank in California. In early
October 1978, he visited a diamond broker in L.A. and placed an order for about
42,000 carats of polished gemstones. The retail value of the stones was about $13
million; however Rifkin contracted to pay $8 million as the cash wholesale price.
An order was then placed by de broker in Russalmaz, The Soviet government’s
diamond exporting company.
After making the payment, Rifkin flew to Zurich under a fake passport to pick
up the diamonds. He smuggled them back into the United States and commenced
to pawn them. His downfall occurred when he made contact with someone in
Rochester, New York, during an attempt to sell the remaining diamonds. The
contact was a lawyer with whom he had been associated, and he disclosed to the
lawyer how he had committed the “perfect crime”. Ethically, the lawyer was bound
to take the matter further with the authorities. The FBI traced the sequence of
transfers and apprehended Rifkin in a friend’s apartment with the diamonds.
Rifkin executed the transfers on October 25. However, it was not until early
November that Security Pacific found out the money was missing, supposedly in
response to some inquiries from the FBI. Once the fraud was detected, it was
easy to identify Rifkin as the culprit, since the bank taped all telephone transfer
orders. The diamond broker in L.A. identified Rifkin’s voice on the tape. When
questioned about their inability to promptly identify the unauthorized transfer of
funds, the bank responded that there was nothing unusual about the $10.2 million
transfer that had occurred.
Requiered: It might be argued that the physical access controls in the bank’s
system were weak. Nevertheless, Rifkin was a skilled, intelligent individual who
had acquired a position of trust among the bank’s employees, and consequently
the system might always be vulnerable in spite of strong preventive controls. What
detective controls would you recommend, therefore, to enable an authorized
electronic funds transfer to be identified quickly?