Johannesburg - An investigation into the premature release
of FirstRand's [JSE:FSR] interim results in March has revealed that while the
group was led to believe that its site was secure, full security settings
on the content folder were not in place.
This enabled a newswire to access the results before their scheduled release.
On Tuesday the financial services group said that in
addition to its own internal review process, it had appointed KPMG to
conduct an independent investigation into the early release of the group's
results on March 7.
It said that the results were due to be published on the Stock Exchange News Service (Sens) on
Tuesday March 8 2011. In preparation for this, the results brochure to
shareholders and the results presentation were uploaded onto the content
management system of the FirstRand website on the morning of March 7 2011.
This website is hosted and managed by a third-party provider.
A newswire accessed the FirstRand website content folder via
a specific URL and retrieved the results shortly after they had been uploaded.
While on March 7 the third-party provider informed FirstRand that the
results information had been uploaded in a secure environment, it has
subsequently confirmed that the full security settings on the content folder
were not in place, it said.
After the newswire published the results information,
FirstRand released its interim results announcement on Sens. Server logs
suggest that the newswire was the only party to access this information prior
to publishing the results on its news platform, FirstRand said.
"However, the group acknowledges that the third party's content folder security settings allowed the newswire to access the unprotected files on the server," it said.