RJ Thanks for your reply! No, you don't indeed. What frightened me was that A.) Such a severe bug exists, B.) there was apparently no mechanism to stop it and it just let it go despite there, apparently, being 8000 requests for the exact same transaction. I don't know the internals of course, but that sounds like 2 things failing or a security layer missing altogether in there somewhere.
Mistakes are human for sure, but as this is the very core of the banking software something like this ought not exist or at least be stopped in its tracks automatically, a fallback safety to protect against the human errors that cause bugs. :) As there was both a severe bug and no mechanism to stop it automatically, I hope you can understand this made me feel a bit concerned and thus my comments/questions about audits. :)
Anyway, I'm glad you're going to look in to it and launch a thorough investigation. That's very good to hear!
I doubt it'll happen but it'd be nice to hear the outcome (eg: more measures taken to be sure/preventing similar bugs from going on a rampage or that nothing was found :)) - to boost confidence and know the investigation has been ended.
Thank you either way for your reply! :)