True enough, but the damage to the company’s reputation and credibility is surely far greater. Among Wipro’s wide range of services is consulting and advisory on financial management, including treasury and cash management and risk management. The company also prides itself on its CMM 5 Level status – that’s the highest level in the Capability Maturity Model developed by Carnegie Mellon University, indicating that Wipro’s processes are at their optimum. People can be forgiven for wondering: Is this a case of physician, heal thyself?

 

Other companies should not gloat, however. If a CMM Level 5 enterprise like Wipro can be hit by fraud, how much more vulnerable are those with no such certification? Wherever there is money, unfortunately, fraud is always a possibility. There are lessons to be learned from what happened at Wipro, both on how the embezzlement was made possible and the way the company is handling the matter.

 

The man at the centre of this storm is a chartered accountant whose dead body was found near a railway track in Bangalore in December, a few weeks after the embezzlement came to light. According to Wipro, this “junior member of the company’s controllership team” was discovered to have been transferring company money to his personal account from November 2006 until last year. The company has not revealed exactly how much was siphoned off, but media reports say the total is in the region of Rs20 crore, or US$4 million.

 

“Our investigations have revealed that only this employee was involved, and nobody else in the team had any clue,” Suresh Senapaty, Wipro’s CFO, told the Economic Times. “We have recovered more than half of the amount.” The company is now “undertaking actions with respect to stricter adherence to processes,” he added. “We have to be more alert in monitoring, and we need to tighten the processes for ensuring an early warning system and make it tougher.”

 

In its statement to shareholders, Wipro said it had “put into place additional initiatives to help ensure Wipro’s financial controls and financial reporting remain unassailable by anyone within and outside the company.” Changes have been made to “certain key positions in the controllership team,” said the company, because their association with the late employee has “created a conflict of interest for them.” Internal and external advisors are also reviewing and enhancing internal controls and procedures.

 

The internal report has not been made public, but the media has been quoting unidentified Wipro officials who requested anonymity. “The employee stole the password from a colleague and used it to transfer money to his and his family members’ personal accounts,” one of them told the Economic Times. The newspaper said the transfers ranged from 100,000 rupees (US$2,174) to 1.2 million rupees (US$26,088) at a time, which are not insignificant amounts. If true, they should have raised red flags within the company and the bank, which presumably has anti-money laundering policies in place.