The scandal around fraudulent activities at Stocks and Securities Limited (SSL), which have affected the accounts of multiple individuals including retired Jamaican sprint legend Usain Bolt and an undisclosed sitting member of parliament, is among the latest examples of what could be described as a trend of negligence and corruption developing in the region.

News of the disappearing money comes just about a month after charges, including conspiracy to defraud, were brought against Alysia Moulton White, former vice president of marketing at Sagicor Group.

Not long before, Moulton White’s sister, former Sagicor employee Tricia Moulton, and Malika McLeod were charged in connection with a $65-million fraud at the institution.

In 2021, former NCB manager Andrea Gordon was sentened to seven years in prison after being found guilty of embezzlement of $34 million. She was reportedly linked to $111 million in suspicious transactions.

Just last Friday (January 13), word came of another NCB employee being arrested on accusations that the 35-year-old wealth advisor defrauded US$30,000 from the account of a customer. That figure was subsequently revised to a substantially higher sum.

All of these cases pale in comparison to events such as the PetroJam scandal, the David Smith Olint scandal and the Carlos Hill Cash Plus scandal in Jamaica as well as the Lawrence Duprey CLICO scandal in Trinidad.

The Caribbean has barely begun its recovery process from financial stresses stemming from the COVID-19 pandemic and the war in Ukraine, and Jamaica in particular, which has already seen a rise in lottery scamming in recent years, has too much on the line to not have the strongest levels of cybersecurity.

Trevor Forrest, CEO of 876 Solutions and cyber security expert, shared with Our Today that, regionally, there is a serious lack of awareness with regard to cybercrimes.

“Generally in the region, people tend to think that we’re small so it won’t affect us which has bred a level of complacency despite the region being ideal targets for cyber attacks; we still have what they want, money and valuable information and we’re a soft target,” shared Forrest.

Forrest pointed out that, in his experience, banking institutions tend to have stronger security protections and invest significantly in their cybersecurity compared to other financial institutions. He pointed out that the human element is usually what causes breaches and not necessarily a fault in the bank’s security systems and part of the reason news about breaches has been appearing so frequently is because banks are now better able to detect them.

Forrest explained that, worldwide, more than US$6 trillion has been lost to cybercrime and it is projected for that number to increase to US$10 trillion by 2025. In Jamaica alone, US$100 million a year is lost to cybercrime and, in order to better secure customers, some conveniences would have to be sacrificed and adjustments to the current framework made.

He recommended that the Government invest more into digital literacy for the country as part of its digital agenda and for banks to place greater efforts in letting customers know more of the ways they are at risk.

“People need to be informed of what actions they are taking that leave them vulnerable, what steps they can take to better protect themselves,” he said.

Forrest also recommended that banks implement systems similar to how they notify customers of external transactions, meaning that they should also notify customers when their accounts are accessed by someone in the bank.

Referring directly to the SSL scandal and the leaked statement from accused former wealth advisor Jean-Ann Panton, he pointed out that Panton’s method of breaching was possible because SSL processed requests through the email system. Instead, he said, SSL and similar institutions should have a portal for customers to log into and issue their requests from there, which would then have to be approved by someone within the institution. This would leave a clear audit trail as opposed to what appears to currently be in place, which is just a “formula for disaster”, said Forrest.

The cyber security experted highlighted that the Financial Services Commission (FSC) does have the authority to mandate these practices and make them standard for finance operation in Jamaica.

– Send feedback to [email protected]