Yes.
You said that internal fraud is the most difficult type of fraud to detect and protect against. Earlier today, officials from the Department of Finance and the Canada Revenue Agency talked to us.
How do things work internally at Desjardins? How could have supervisors detected that malicious employee? It is clear that he managed to get into the system. Are there access levels and screenshots? Does the system issue alerts when it identifies something unusual? Are your employees allowed to have their cellphone with them when they work with data?
I am sure you will re-evaluate the existing measures. You talked about a lone malicious employee, but what will you do to protect yourselves against other malicious employees? What are your rules? How does it work?