[EDITORIALS]Stopping online stock fraud

The 25 billion won ($20.7 million) stock fraud case involving embezzlement of money from an institutional investor's account is a shocking demonstration of the vulnerability of a leading securities company. But the crime was foreseeable in an environment where the nation's leading securities companies engage in cut-throat competition to lure customers to the so-called "e-exchange," while neglecting to ensure that these cyber exchanges are safe.

The suspect, sitting at a computer in a PC-bang and armed with the password of the Hyundai Investment Trust Management account managed by the Daewoo Securities, allegedly asked that the offline account be registered as an online account, then put out a buy order for 5 million shares, estimated at around 25.8 billion won worth, of Delta Info-comm. Then the suspect disappeared.

Seven million shares of Delta Info-comm, 95 percent of the company's total shares, were traded that day. Police strongly believe that the intent was stock-price manipulation. Delta Info-comm shares have risen fivefold in value in the past four months.

This case casts a stark light on the boom in online financial transactions. They have mushroomed in recent years, but creating the infrastructure to assure safety has lagged. Part of the blame lies with Daewoo Securities. Other securities firms open an online account for a client only after validation that the actual owner of the offline account made the request. About 50.8 percent of all securities transactions now take place on the Internet ?up from 1.9 percent in 1998. But to date, only nine firms have adopted an electronic authorization system.

The Financial Supervisory Service has declared that it will launch broad inspections of the internal regulations of securities firms. That is not enough. The government should advance the date for mandatory adoption of an electronic authorization system. Securities firms should not be afraid to publicize fraudulent incidents. When they do, it becomes harder for such incidents to recur. Hacking prevention systems should have been installed earlier. But it is not too late to install them now.