Insider Threat Risk Is Growing
What were once isolated security incidents are increasingly viewed as systemic insider risk issues. Members in a recent session of NeuGroup for Internal Audit Executives described a rise in fake candidates, dual employment and sophisticated attempts by external or state-linked actors to gain what seems like legitimate system access through employment. In some cases, individuals were hired into roles only for the work to be outsourced or quietly performed by someone else after onboarding. As a result, insider threats—risks that come from people given access to company systems, including employees, contractors or other trusted parties—are becoming a recurring audit focus area rather than a problem left solely to security teams.
- Members noted a clear shift in how hiring controls are perceived: Identity assurance during recruitment and onboarding is now seen as a core security control.
- Practices that were previously not done due to logistical issues—such as in-person verification steps, device pickup requirements, biometric checks during interviews, IP log reviews and retrospective badge analyses—are being reconsidered as necessary risk mitigations.
- Analytics around early changes to personal or banking details after hiring were highlighted as particularly strong red flags.
Third parties and contractors represent a growing access risk. Risk exposure is not limited to direct employees. Contractors, outsourced developers and vendors are increasingly viewed as potential backdoor entry points, especially when third-party diligence or access controls are weak. This has prompted greater audit attention on vendor risk management, contractor onboarding and access patterns across hybrid workforce models. —Ted Howard Citi’s Mexico Divestiture Raises Questions About Replacements
Payroll banking in Mexico has become a big issue for treasury teams following Citi’s separation of Banamex, its consumer banking franchise in the market, according to members in a recent session of NeuGroup for Future Finance Leaders. As Citi exits retail banking in Mexico while maintaining its institutional presence, some corporates are reevaluating how local employee-facing services will be supported going forward. One member at a large multinational said the move led his company to “find new banks and new relationships” to support its ambitions in Mexico, even as broader global banking coverage remained intact.
As the company evaluated alternatives, its Mexico-based subsidiaries encouraged working with local banks with strength in payroll execution, direct deposit and employee benefit integration—guidance others in the session said they received as well.
- The multinational ultimately chose HSBC, taking what the member described as a “safe approach” driven by an existing overlap: HSBC already banked a recently acquired entity in Mexico, helping the team move faster while maintaining required controls.
Input from across the NeuGroup Network. The question has also surfaced in the NeuGroup online community, where one member asked peers which banks other than Citi they are using for Mexico payroll processing. Responses also highlighted HSBC as a common solution:
- “We use HSBC and it has worked well for us,” one member wrote.
- “HSBC managed the transition from our legacy bank really well—strong local branch network and good incentives for employees,” another said.
One member said the experience reinforced the importance of stability and clarity when banking structures shift in key markets, raising questions about long-term continuity and how he would respond if similar shifts occur elsewhere. —Justin Jones 
