Who is Hervé Falciani and why do we care?

falciani_nice_matin_1209

Herve Falciano recounted a saga of life in a thriller to Nice Matin newspaper but there is little evidence to back the story

Geneva, Switzerland (GenevaLunch) - Europe’s largest bank made a startling confession, accompanied by an apology, to its clients 11 March: Britain’s HSBC said it had been given evidence by the Swiss Federal Prosecutor that a Geneva office employee stole data linked to 24,000 client accounts and tried to sell the information abroad. The employee, Hervé Falciani, had tried to flog that data to Lebanon in 2008. His failed attempt was the start of the unraveling of his theft scheme. Evidence of efforts by Falciani and a female companion for the first time linked his name to the theft, which the Swiss government had been investigating for several weeks.

Human factor is the real risk for an international company with secrets

It also drew attention to a significant problem for international companies that have any private data, from client information to research and development data: It takes a human being to steal for personal gain, so knowing staff well is as critical to security as a good IT system. Laws inside a country may protect corporate secrets and privacy, but once international boundaries are crossed the issue of countries not extraditing their own citizens can become an issue.

Thief, spy saga victim or honest whistleblower: Falciani’s many faces

Hervé Falciani was not, as first media reports in July 2009 implied, a relatively young outsider at the bank. Nor was he a whistleblower, a label he tried unsuccessfully to give himself when the public spotlight turned on him. The evidence that he was involved in some kind of secret agent deal appears to be believed by no one but Falciani.

The label of whistleblower, more socially correct than that of thief, has lingered, in part because of media reports that imply he stole the data for some greater good. Reuters, in a 12 March article, lumps Falciani in with whistleblowers, but further down in the story notes that German reports show he tried to sell the information to Germany for $3.39 million.

France, for its part, raided his house to get hold of the data after Switzerland informed the French government of the theft and asked, under the terms of a bilateral treaty, for judicial assistance. France initially refused to give the data to Switzerland and gave Falciani a new, safe identity in the south of France. France does not extradite its own citizens. It is unclear if Switzerland knew when it asked for judicial assistance, the extent and type of data stolen.

The French public prosecutor in Nice, who initially referred to Falciani as giving the data because of his desire to do good, suggested some 130,000 bank accounts were involved. HSBC initially thought only 7-10 accounts were linked t the theft, but it was not shown any evidence until 3 March 2010, by either the Swiss or French governments. HSBC in Geneva has a total of 100,000 accounts and says no accounts outside the Geneva office of the bank are involved.

HSBC goes public with facts on ex-employee

Here is what HSBC, which spoke publicly about him for the first time 11 March, says about Falciani:

Hervé Falciani

  • A trusted employee who for many years had been with the Group in the IT department and, as a result, had access to a large amount of data in the course of his normal professional activities, as did a handful of other staff members who did not steal data
  • Worked at the end of 2006 as a technical analyst on a data migration involving client records, and, according to our findings, took the opportunity of this specific data migration to transfer records onto personal devices
  • Obvious intention of theft and malicious intent: according to information published in the press, he tried in spring 2008 to sell the files originally to several banks in Lebanon and, it seems, to various authorities; he transferred them onto his private computer; he fled to France from questioning by the Swiss prosecutor; he has since tried to invent a fantastic story about kidnapping and secret services to cover up his actions
  • Has tried to position himself as a whistleblower within the organisation, but we have no record of his reporting or suggesting anything to his supervisor.

IT

  • It is unclear how HF managed to physically steal the data
  • Since 2006, the bank has been constantly upgrading its systems and has dedicated a large proportion of the IT budget to improving our systems and security
  • The determinant factor in this affair is the human one: IT is not the real issue, and data theft is becoming an ever-more serious preoccupation within the industry.

Legal proceedings

  • A criminal investigation was initiated by the Swiss Federal Prosecutor in summer 2008, following an attempt to sell the data to Lebanese banks. The name of HF will be linked to this attempt for the first time on 22 December 2008
  • The bank files a charge against HF for suspicion of misuse of economic intelligence, extraction of confidential data, violation of commercial confidentiality and violation of banking secrecy and other offences committed to the detriment of the bank but also of the Swiss Confederation (présomption de service de renseignements économiques, de soustraction de données, de violation du secret commercial et de violation du secret bancaire)
  • The affair is still under investigation by the Swiss Federal Prosecutor and the bank refrains from commenting on any legal issues linked to this case.

Ed. note: in Switzerland Falciani is generally referred to by his initials, HF, the norm for people involved in court cases because of Swiss privacy laws, although if the figure is clearly a public figure the name is sometimes mentioned. In France and on the Internet his name and that of the woman Le Monde refers to as his mistress, have been widely published. Falciani, who now has a new name, has gone on television in France to talk about the crime.

Links to other sites: Le Monde (Fre), Nice Matin (Fre), PressEurop

Comments

  1. Mark Lucking says:

    Profiling a controversial practice airports want to employee to catch terrorists; not sure our HSBC mole and another infamous mole Heinrich Kieber [LGT mole] fall into this class; but here is list of what these two individuals have in common.

    1/ Both moles on the inside; hardly surprising, but enforces the mantra suggested by most security professionals insider pose a far greater risk then outsiders in this field.
    2/ Both moles working in IT, back office roles; hardly surprising since front office access to this type of data is more limited; and is audited more extensively.
    3/ Both moles single; need to disappear after selling the data; more difficult if you have a wife, even more so children I would suggest.
    4/ Both moles look as if they are in their thirties; not sure if this is significant.
    5/ Both moles claiming a moral defense; suggesting they are doing society a favour by being a whistleblower; surely not significant.
    6/ Both moles sold the data to their home country, HSBC a Frenchman sold to France, LGT a German sold to Germany; there is a subtle trust issue in there I am sure [a side point the French man had a Lebanese girlfriend; and also tried to sell to the Lebanese].
    7/ Would seem likely both moles must have had out-of-hours access [speculation], cannot believe they took the data in company time; too risky if caught I would suggest.
    8/ Would also seem likely migration projects both moles working on unlikely to be at production levels of security controls or monitoring [speculation].

  2. banking says:

    banking…

    […]GenevaLunch » Who is Hervé Falciani and why do we care?[…]…

  3. […] Su trabajo en 2006 es reorganizar la base de datos de la entidad para reforzar su seguridad. Para HSBC, Falciani es un “empleado de confianza” con acceso a gran cantidad de información en […]