03:10 PM
Deena M. Amato-McCoy
Deena M. Amato-McCoy
Connect Directly

Closing the Door on Criminals

Regulations and increased incidents of fraud are forcing banks to rethink their siloed detection initiatives.

Fraud incidents across the banking industry continue to skyrocket, and San Francisco-based Wells Fargo ($492 billion in assets) can attest to just how scary these incidents can be. Already the victim of three security lapses in the past three years that exposed sensitive customer information, the bank again found itself at the center of a security breach this spring. >>

A company computer that contained the names, addresses, Social Security numbers and account numbers of Wells Fargo's mortgage customers was reported missing while in transit between Wells Fargo facilities, according to published reports. While law enforcement officials believe the computer was stolen for the hardware -- not the data it housed -- this tends to be the exception.

Mission-critical data and consumer-specific information often are the target for savvy thieves who prey on the financial services industry. Further, as consumers, employees and external business partners demand -- and are given -- greater access to sensitive data, banks are more susceptible than ever to internal security breaches.

Clearly, fraud is a costly fact of doing business. Approximately 3 million adults said they were victims of ATM or debit card abuse in 2005, according to a survey by Stamford, Conn.-based Gartner that focused on the global IT industry. These incidents resulted in $2.75 billion in losses, with an average loss of more than $900 per incident, Gartner reports. Another 1.9 million online financial services users were victims of illegal checking account transfers, the study adds. These hijacked accounts resulted in nearly $3.5 billion in losses -- an average of roughly $1,800 per incident. Banks absorbed most of these losses, Gartner points out.

"Real costs are being driven out of the business," says Austin Wells, VP, product management, for Digital Harbor, a Reston, Va.-based risk management solutions provider. "Dollar losses aside, however, banks are just as aware of how damaging fraud can be to their reputations among consumers as well as in the way of fines they are subject to for noncompliance with regulations."

The fastest-growing incidents of fraud are cross-functional, meaning they involve multiple areas of a banking customer's portfolio. While banks have solutions in place to evaluate and detect incidents of fraud, not many solutions "look across systems and link the pieces together," Wells contends.

Segregated fraud detection solutions and disparate data streams "remain siloed across enterprises," agrees Andrea Klein, chief marketing officer, IdenTrust, a San Francisco-based provider of identity management solutions. In addition to being difficult to control, these silos require banks to allocate different sets of people and significant IT investments to manage information and detect fraud.

"Fraud does not just encompass Internet-facing issues or identity theft," says Jonathan Rosenoer, global risk officer, financial services sector, for Armonk, N.Y.-based IBM. "Dimensions start at security levels and bridge through to privacy issues. Banks need to consider fraud from a broader sense," he continues. "They need to look at systems and rethink how operations can effectively shut the door to criminals."

The Helping Hand of the Law

Unfortunately, some banks have been slow to react and only have begun to rethink their risk strategies and fight fraud on an enterprise level as the result of regulatory mandates. The USA PATRIOT Act, for example, requires banks to monitor and disclose any potential international money laundering rings or the financing of terrorism. Meanwhile, Basel II requires that banks identify customers on a global level, calculate credit reserves and report credit risks.

"These and other regulations are forcing companies to look at all customer activity, even across silos," says Rosenoer. That is where the CRO comes in. "The role of the CRO -- or chief risk officer -- is to ensure the bank is compliant across these regulations," he explains. "Further, the CRO bridges business continuity in the event of fraudulent events. Again, this is not just an online problem. CROs are evaluating money laundering rings, compromised internal systems or anything that is threatening the enterprise."

Besides creating a watchdog to detect and ward off potentially dangerous scenarios, privacy and security regulations foster something more important -- the need for banks to gain an enterprisewide view of customers and their account activity, Rosenoer suggests. Gaining a holistic view of the enterprise requires an arsenal of risk management tools. The best solution set will enable banks to pinpoint breaches, from compromised consumer privacy all the way up to organized fraud rings. They must be able to monitor instances wherever they occur in the organization. To do this, banks need to employ a common set of tools across the enterprise.

"Banks need a consistent approach to fraud assessment and prevention, otherwise they will never truly get ahead of [the problem]," says IdenTrust's Klein. "Siloed solutions cannot fight the bad guys. Fraud has to be fought on an enterprise level, otherwise this problem cannot be solved."

For example, identity theft is consuming many banks' fraud prevention resources. However, companies are equally bombarded by threats of money laundering and from organized fraud rings. That's why Digital Harbor's solution links disparate fraud detection technologies throughout the organization to detect patterns across each area, according to the company's Wells. By investigating the exceptions across multiple systems, the solution "provides a single view of a suspicious customer or account," he says. "If banks can start to find patterns of fraudulent activity across accounts early on, they can avoid big losses." By linking different fraud detection systems together, Wells asserts, banks can reduce fraud losses by 30 percent and increase their loss recovery by between 25 percent and 40 percent.

1 of 3
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.