"central repository" does not mean that everyone should have read access. Preferably their personal home drive or in aid of communications, a group share at their level or department. EG Directors, Managers, Team Leaders or HR/Finance/Accounts etc. Sure, IT could access them by logging in as Domain Admin but A) they could and should be password protected at the file level and B) Your IT staff probably already have the power to do pretty much anything if they put their minds to it.
Evidently he has a laptop and VPN access and company policy should be that all important documents are held on central storage, not a user's PC. Important apps can be published via Citrix and run over VPN so really, this is either a failure of the user or of IT infrastructure.
If you're going to offer up such a sweeping statement without any evidence to back it up, at least have the courage not to post as AC.