Financial firms say that "insider fraud" is one of the most serious threats to their business, according to the Financial Services Authority (FSA).
Joyti De-Laurey stole £4.3m from her bosses at Goldman Sachs
The most common example involves staff being approached outside work to sell confidential information about their bank's customers.
The FSA spoke to senior staff at 16 mainly large financial services firms.
It concluded that some companies are still not able to tell adequately where and why they are at risk from fraud.
This snapshot of how financial firms are tackling the problem of fraud is contained in the FSA's latest Fraud Governance Report, published on Monday.
Philip Robinson, from the FSA, said firms which did not spend enough on anti-fraud measures were likely to suffer high levels of loss.
"While the larger firms have been forced to wake up to fraud, those that have so far remained outside the fraudsters' radar are not as developed," he said.
"Fraud threats are dynamic and fraudsters constantly devise new techniques to exploit the easiest target.
"Firms need to continue to invest in systems and controls and manage their responses to fraud in order to avoid being targeted as the weakest link."
Companies surveyed by the FSA admitted they were most worried about their own staff being involved in fraud through collusion, coercion, or infiltration.
The FSA says the threat is growing very rapidly, with staff typically offered money to sell confidential information about customers.
The report cites a recent example of a cashier at a high street bank branch in Cosham in Hampshire.
After serving customers she trawled their accounts to see if they had made any big deposits in the past.
If they had, she then passed their details to a gang of criminals.
Using information about these accounts, the criminals went into bank branches in London and Cardiff to change the address details and set up online banking facilities.
These, in turn, were used to transfer money to their own accounts.
The gang stole nearly £500,000 before the fraud was detected. The cashier involved was sent to jail for two years.
To help tackle fraud, some firms are vetting staff more stringently when they apply for jobs.
This sometimes involves employing outside agencies to check on the background of job applicants.
However, the FSA found that firms were reluctant to do more than their competitors, for fear of putting off potential customers by using anti-fraud checks that inconvenienced them.
It cited one bank whose marketing department had stopped fraud warning notices from being displayed on the bank's website on the grounds that it should be used for marketing purposes only.
But overall, the FSA concludes that fraud-related losses have concentrated the minds of senior finance staff which has led to them putting more effective anti-fraud measures in place.