Insights: Chris Greany

One of the things I learned when I was on the “other side”, as National Coordinator for Economic Crime and Cybercrime prevention for UK policing, was that the banks who supported the wider approach with law enforcement to prevent, identify and stop criminal activity were the ones who were seen as driving legitimacy across the board.

So, I’ve always felt that my role within Barclays is to support our joint mission of ensuring legitimacy through preventing and identifying threats to our business. Because, ultimately, customers will go to the service they trust and can believe in. The unique selling point for banking and finance particularly in the 21st century is in the answer to the question: “Do we trust you – with data, with details, with money?”

Part of that trust journey is demonstrating that when we do find clear criminality – and every organisation, no matter how good they are will have some in isolated pockets – we deal with it and that there are consequences. That’s good for the trust outside the bank and for driving a positive, responsible culture inside the bank. Protecting the business from a whole range of threats protects our customers and society more generally.

The secret is to identify and deal with it – confront the issue face on, and be open and honest about what you’ve found, and then move on. And when you do that, people will understand that you are doing the right thing.

I think what our customers wouldn’t like is for it to be hidden away. So, the role is to identify it, discover it, and deal with it – and where necessary fully support a law enforcement investigation. Doing the right thing, walking towards the fire, dealing with risk and making decisions – no matter how hard – is key.

How do we do this? My official title is ‘Head of Group Investigations and Insider Threat at Barclays Chief Security Office (CSO)’ and that’s already long enough – but you can’t have everything you do in the title, otherwise your business card would be four metres long! It’s a global role and covers many different countries and legal jurisdictions so we have to be aware of that as we work across time zones, and different cultural attitudes.

My team are located across the key International Barclays sites, so we have reach and depth when we need it. CSO comprises many areas, and I am one of the many cogs that collectively makes it a successful holistic security function, delivering a service to the wider bank. We also have excellent legal support, and a designated lawyer to help guide and advise us during complex decision making.

What we do is investigate wrongdoing, poor behaviour and suspected criminal conduct that affects our business, customers and clients.

We also provide network monitoring services to ensure that data and documents that leave the bank should be leaving the bank. (Dealing with data leakage prevention is key to any Insider threat programme, as is recognising the fact that anyone could be an unwitting insider – so CSO also has wide-ranging education and awareness programmes).