If youdetermine thatthe JDBCconnectionwas nothandled properlyandthe owningapplication "forgot" to closeit, youhave discoveredaresourceleak that needs to befixed.
The bank would never have discovered this scheme if the thief had handled the call, notwithstanding routine audits by the OCC and other examiners throughout the years.