Your “Trusted Insider” Could Be the Enemy Within

The Inside Job Hiding in Plain Sight

You’ve been trained to fear cyberattacks—Russian hackers, Chinese botnets, ransomware gangs. But here’s the real red pill: some of the biggest financial threats today are already inside the system. Wearing badges. Logging into core systems. Having coffee in the break room.

In 2025, the list of insider crimes reads like a spreadsheet of betrayal. From stolen retirement funds to embezzled trust accounts, the common thread isn’t shadowy figures on the dark web—it’s insiders with access, time, and a bank culture that’s asleep at the wheel.

The Reshad Jones Case: Luxury Larceny, Corporate Complacency

Let’s start with the headline case. Former NFL safety Reshad Jones filed suit against Bank of America’s Merrill Lynch after his adviser, Isaiah Williams, allegedly stole $2.59 million from his accounts and burned it on travel, jewelry, strip clubs, and shopping sprees. Williams was arrested in June and released on a $1 million bond. Merrill settled the case for $9.5 million in August, a payout that didn’t just buy silence—it showed how long and deep this rot can run before anyone even notices the smell.

And that case? Just one of many.

Other Cases from 2025: Different Names, Same Playbook

This year alone:

• A bank employee in Rochester, NY, was charged with conspiracy, aggravated identity theft, computer fraud, and more—after illicitly accessing customer accounts. He faces up to 30 years behind bars.
• In Virginia, a former Truist insider pled guilty to stealing funds and doctoring records.
• In Michigan, a PNC teller embezzled nearly $80,000 over 11 months—only caught when transaction patterns triggered alarms.
• A Seattle adviser siphoned over half a million dollars from a trust account via slow-drip withdrawals over years.
• A former Fidelity adviser moved $2+ million through over 600 client transactions. Not a hacking genius—just a man with keys and no guard.

The Anatomy of an Inside Job

These cases have three things in common:

1. Access — The insider has tools and permissions to initiate wires, view personal info, and bypass normal checks.
2. Time — These aren’t fast heists. They’re years-long tap-drip thefts, masked as “normal operations.”
3. Lifestyle Bleed — When your adviser suddenly starts sporting luxury watches or jet-setting to Vegas, something's rotten. This isn’t just poor oversight—it’s cultural failure at the top.

Why the System Keeps Failing

Even the biggest firms are vulnerable. And not because they’re under attack—but because they’re not paying attention.

Supervisors are drowning in approvals. Security alerts are optimized for hackers, not for your charming insider skimming thousands through “routine” adjustments. And when profit is king, questions get postponed, and fraud walks free.

Audits? They’re periodic. Embezzlement? That’s a full-time job.

What You Can Do Right Now

You don’t need a law degree or a cybersecurity cert. You just need to stop assuming the system works. Here's how you start protecting yourself:

• Turn on real-time alerts: Every wire, external transfer, login from a new device—text and email. No exceptions.
• Strip permissions: Anyone helping you financially should have view-only access. Yes, even your CPA.
• Lock down withdrawals: Require callback verification, whitelist destination accounts, and enforce dual-auth for large transfers.
• Separate custody from advice: Use an RIA or brokerage where your adviser can’t move money unilaterally.
• Audit your accounts quarterly: Reconcile transactions yourself or with a CPA. Get the transaction logs, not just the brochure statement.
• Vet your professionals: Use FINRA BrokerCheck and SEC IAPD. Disciplinary flags or sudden job exits? Dig deeper.

What Firms Must Be Forced to Do

You shouldn’t have to beg your financial institution to do its job. But if you don’t demand it, no one will.

• Segregate duties: One person creates a transfer, another must approve it.
• Monitor employee behavior: Flag irregular access to high-net-worth accounts or after-hours data snooping.
• Force vacations: Many frauds fall apart when the fraudster isn’t there to “maintain” the scam.
• Enforce callbacks: And let clients see the policy in black and white.
• Notify immediately: If a breach or insider fraud happens, the firm owes you an answer and a timetable.

Bottom Line: Trust No One, Audit Everyone

The banks say, “Your assets are our priority.” But in 2025, we’ve watched major firms pay millions in settlements after insiders exploited the very systems they were hired to defend.

If you don’t build your own defenses, you’re betting your savings on someone else’s integrity—and in this game, that’s a losing bet.

Take Action Now:
Download Seven Steps to Protect Yourself from Bank Failure by Bill Brocius. It’s free, it’s real, and it might save your damn life.

Trust isn’t a strategy. Verification is.