The fifth column
During the Spanish civil war, the nationalists had 4 columns of troops attacking Madrid. Their leader broadcast that these troops were helped by a fifth column inside the besieged city. So it is with with IT systems. Every company regards the customers, or non-employees as "the enemy" so far as computer and financial security is concerned, but few take any heed of the underpaid, over-screwed (and not in a good way) people who daily, have access to all the revenue and orders that flow in or out of the company. Be it a financial trader, bank, plumber or local authority. Consequently, almost all security measures are outward-facing and few are designed to slow down the operator/programmer/sysadmin with the root password and the balls to use it.
Even fewer of the internal security measures are ever tested - for the simple reason that they'd almost all be found to be completely ineffectual against an internal attack from someone who knew what they were doing.
And when a discrepancy is discovered, the only place the investigators would look is at the audit trail, on the presumption that the trail, itself, is uncompromised: not a valid assumption against "root" and someone with a well thought out plan. [Although in fairness, there are lots of cases where computer staff have been caught, some even nicked. Generally these are the result of rushed or faulty frauds caused by unexpected opportunistic situations that didn't allow time to plan the crime properly. When doing Unix support I occasionally found myself being "parachuted" into a major credit card/finance company's machine room, logged into root and my "overseer" saying "... be back in half an hour"]
So why don't you hear about rogue sys-admins, who lose their companies millions, or billions? or end up spending their autumn years in the Carribean? Simple: Not because the dishonest ones aren't getting their (unfair) share, but because they've been able to shift the blame onto some "rogue" trader, somewhere.