The Mint lost over $1 million through apparent embezzlement (or egregious error) last May and has only been able to recover a small fraction of the money so far, the Australian Financial Review reports.
How? It seems someone was able to simply log on to an online banking website and transfer a total of $1.095 million on four occasions.
The AFR found the story in the Australian National Audit Office’s recent report on the yearly financial statements of federal agencies, which explained:
“The online banking portal, although requiring two separate authorisations, was not configured with dollar limits on transactions or protocols for who is an appropriate independent second authoriser.”
ANAO says “management commenced immediate recovery actions” once the payments were identified and:
“The Mint have advised that authorisation controls for all payments greater than $10 000, made either directly through the online banking portal or through the Mint’s FMIS, have been amended to ensure a senior officer external to the finance area must be the second authoriser. Recovery activities are ongoing and the Mint has advised that the total of unrecovered payments at the date of this report is $915 000.”
The newspaper reports the Australian Federal Police have also been called in to investigate.