User Access Controls For Lowering Internal And External Fidelity Risks

May 27, 2025

John Whisenant, a 42-year-old man from Tacoma, was sentenced to 142 months in prison for wire fraud, after embezzling more than $2 million from his employer, an online used car sales company.

Whisenant's fraudulent activities began in October 2018 when he started working at the company in various roles. About a year later, he was promoted to a position that gave him access to the company's bank accounts and accounting software. From June 2019 to November 2021, Whisenant made 57 wire transfers totaling more than $2 million into accounts he controlled, disguising these transfers as legitimate business expenses in the company's accounting software.

Whisenant used the embezzled funds to lead a lavish lifestyle, purchasing luxury automobiles such as Porsches and Mercedes, and spending $23,000 on airline tickets.

In July 2023, Whisenant was arrested and pled guilty in March 2024. However, just before his sentencing date in July 2024, he sent an email to his pretrial services officer stating, "I'm not ready to go to jail yet," and went on the run. Despite his efforts to evade the authorities by swapping SIM cards and selling meth to make money, the FBI located and arrested him on August 14, 2024.

Commentary

In the above matter, the fraudulent activity began when the perpetrator was given access to the company's bank accounts and accounting software.

To limit fraud, employers should limit access to accounting and financial accounts and software. Limiting access helps in preventing fraud by reducing opportunities for both external and internal users to commit fraudulent activities.

By ensuring that only authorized personnel have access to sensitive financial information, organizations can minimize the risk of unauthorized transactions and embezzlement.

Other important reasons exist to limit access to financial data and controls.

By restricting editing access to financial data, employers can also maintain the accuracy and reliability of their financial records. This prevents unauthorized modifications that could lead to financial discrepancies and errors.

Limiting access also helps in safeguarding proprietary information and maintaining the confidentiality of financial data.

Proper access controls also contribute to operational efficiency.

The final takeaway is that by limiting access to accounting and financial software, organizations lower their risk to financial exploitation, both internally and externally.


Source: https://www.justice.gov/usao-wdwa/pr/former-employee-online-car-sales-company-sentenced-more-11-years-prison-2-million

Finally, your opinion is important to us. Please complete the opinion survey:

Product

Articles

User Access Controls For Lowering Internal And External Fidelity Risks

An employee with financial access steals more than $2M for luxury items. We explore the crime and the value of limiting access to data to only a few.

Should American Employers Offer Hangover Leave? You Make The Call

A Japanese company offers hangover leave to attract and retain staff. Does that make sense for your organization? You make the call and join the conversation.

Having Multiple User Accounts Creates High Risk Of Internal Breaches

Disney is rocked by a cyberbreach caused by a "disgruntled" ex-employee. How can your organization avoid the pain of a cyberattack from an insider with grievances? We examine.

Healthcare Organizations And The Risk Of Double Extortion From Ransomware

Another healthcare organization is fined after a ransomware attack. We examine the many risks ransomware presents as thieves continue to attack healthcare employers.

Should Your Workplace Embrace "Unhappy Leave"? You Make The Call

A survey claims employees are taking "unhappy leave" and employers should embrace this phenomenon to their benefit. We want to know your opinion.