top of page
Search

The Fastest Way to Manufacture an Insider Threat? Cut IT Pay

Deloitte just trimmed benefits for its workforce while leaning harder into AI-driven efficiency, and they are not alone. Read it here: https://lnkd.in/exQMBAwu


Every dollar a CFO carves from IT salaries is a dollar added to insider threat exposure. The math is that simple, and most boards refuse to do it.


Revenue pressure hits the P&L. The CFO looks for soft targets. IT compensation gets flagged as discretionary. Benefits trimmed. Bonuses deferred. Headcount frozen while workload climbs. And somewhere in that building, a systems administrator with domain admin rights, payroll access, visibility into client accounts, and knowledge of every control weakness watches his/her mortgage get harder to pay.


The ACFE has been clear for decades, financial pressure is the single most predictive indicator of occupational fraud. Not opportunity. Not rationalization. Pressure. And the people best positioned to commit catastrophic fraud inside a financial services firm are not the traders or the advisors, they are the IT staff who built, maintained, and audit the systems meant to stop them.


The regulator does not care that you cut costs. The regulator cares that you failed to supervise privileged access. SEC, FINRA, and state regulators have made it plain: custodianship of client data is a non-delegable duty. Cutting the pay of the person holding the keys while expecting loyalty is not a compensation strategy, it is a gamble against human nature.


I have sat in too many post-breach rooms where the root cause was not sophisticated. A terminated admin who kept credentials. A contractor passed over for conversion who walked out with the client book. In every case the firm had recently restructured, frozen pay, or cut benefits, and leadership called it prudent.


Prudent is paying your IT leadership what the role is worth. Prudent is separation-of-duties monitoring, privileged access management, and quarterly entitlement reviews. 


If your CFO is asking where to save money, the answer is not the people guarding the vault. The answer is everywhere else.


 
 

Recent Posts

See All
Scamming - Public Service Announcement

A text arrived on my phone this morning. Final Warning. Today’s date. Massachusetts Department of Transportation. License suspension if I don’t pay by end of day. A code citation. Five escalating cons

 
 

Timcke Risk Management, LLC

660 Massachusetts Ave

6th Floor, Boston, MA 02118

 

© 2025 by Timcke Risk Management, LLC

 

bottom of page