GAP Questions World Bank Financial Cyber-Security

For Immediate Release

Government Accountability Project
Contact: 

Bea Edwards, International Reform Director
202.408.0034, ext 155
beae@whistleblower.org


Dylan Blaylock, GAP Communications Director
202.408.0034, ext. 137
dylanb@whistleblower.org

GAP Questions World Bank Financial Cyber-Security

Letter Sent to Bank President Questions Failure to Sanction Misconduct

WASHINGTON - In the wake of recent news reports demonstrating serious breaches
of the World Bank's information security system, the Government
Accountability Project (GAP) has sent a letter to Bank President Robert
Zoellick requesting an accounting of steps taken to address the issue.

According to media reports and internal sources, the
Bank's records, which contain sensitive financial information from
borrowing and donor countries, were repeatedly and illicitly accessed. World
Bank spokespeople denied the seriousness of the incursions. Apparently,
sanctions were only applied belatedly to an India-based company, long after the
damage had been done.

At the same time, the Bank has delayed sanctioning
five state-owned Chinese companies implicated in wrongdoing. In that case, the World
Bank reportedly offered a deal to a reporter if he would delay publication of his
story about the sanctions until after the G-20 Summit in Washington last
weekend.

The G-20 summit was significant to the World Bank, as the
institution prepares to assume a prominent role in addressing the global
financial crisis. This latest development, which undercuts the Bank's
financial records security, raises troubling questions about its future
effectiveness in dealing with the crisis.

"If
the World Bank cannot be absolutely confident about its cyber-security, which
safeguards highly sensitive information, is it in a solid position to help resolve
the financial crisis?" asked GAP Communications Director Dylan Blaylock.

GAP's letter, sent and received yesterday, is
available on GAP's Web site at: http://www.whistleblower.org/doc/2008/GAPLetter1119.pdf

Background

Beginning last month, FOX News's Richard Behar reported
that a vendor implicated in a bribery investigation of former Bank Vice
President Mohamed Muhsin had apparently installed spyware on World Bank work
stations. The ‘key-logging' spyware would have enabled the company,
Satyam Computer Systems, Ltd., to penetrate as many as 40 World Bank servers,
gaining access to sensitive financial information about pending loans and
contracts.

The World Bank's statements minimizing the
breaches and attacking accounts of them were plainly contradicted by internal Bank
memos showing top information technology officers in a state of high alert and
alarm. On Friday, November 15, another FOX News story reported that, through a
World Bank connection, the spyware had also penetrated the information security
system at the International Monetary Fund (IMF).

Click here to read
the FOX News article

Satyam, one of India's major information
technology companies, was contracted to work at the World Bank at the behest of
Muhsin in 2003. A formal investigation of Muhsin concluded in 2007 that he had
been improperly influenced by Satyam: "reasonably sufficient
evidence" demonstrated that Muhsin had secured as much as $100 million in
contracts and purchase orders for Satyam in exchange for stock options at
preferential prices.

Despite Muhsin's banishment from the Bank,
Satyam was allowed to continue working until September 2008 without penalty or effective
monitoring. For five years, through the terms of both ‘anti-corruption'
presidents of the Bank, James Wolfensohn and Paul Wolfowitz, the firm operated inside
the Bank with impunity. This permissiveness of improper influence is at odds
with international anticorruption conventions, which the Bank routinely exhorts
its borrowing countries to respect. The United Nations Convention Against
Corruption criminalizes:

[T]he promise, offering or giving to a foreign public
official or an official of a public international organization, directly or
indirectly, of an undue advantage, for the official himself or herself or
another person or entity, in order that the official act or refrain from acting
in the exercise of his or her official duties, in order to obtain or retain
business or other undue advantage in relation to the conduct of international
business
(Article 16).

The World Bank's Public Sector Governance Group,
which seeks to educate borrowing countries about fraud and corruption, has
declared: "Corruption sabotages policies and programs that aim to reduce
poverty, so attacking corruption is critical to the achievement of the Bank's
overarching mission of poverty reduction." The high-minded rhetoric is
squarely at odds with real practice at the institution.

"We have asked Mr. Zoellick how the
world's governments and taxpayers can be certain that corruption will
prohibited and sanctioned by the World Bank, when it has apparently allowed
such serious misconduct, resulting in such serious consequences, to continue
for so long." stated Blaylock.

###

The Government Accountability Project is the nation's leading whistleblower protection organization. Through litigating whistleblower cases, publicizing concerns and developing legal reforms, GAP's mission is to protect the public interest by promoting government and corporate accountability. Founded in 1977, GAP is a non-profit, non-partisan advocacy organization based in Washington, D.C.

Share This Article

More in: