With the release of the new FFIEC Authentication Guidance, the need for effective strategies to mitigate known online risks has never been greater for banking institutions. Effective authentication methods also ensure institutions conform to new risk management and assessment requirements.
Bob Russo says the long-awaited PCI guidance on tokenization should provide merchants with a baseline for standardization and best practices, and serve as a roadmap for how tokenization can complement compliance with the PCI-DSS.
As fraud continues to evolve and affect financial institutions, careers are plentiful for fraud-fighting professionals, says Jean-Francois Legault, a fraud investigations specialist with Deloitte and Touche.
"I don't think there's any connection [to] the investments banks will make in fraud prevention," says Doug Johnson of the ABA. "It's not about making budget cuts; it's about protecting the customer relationship and ensuring security."
As banks and credit unions work toward compliance with the FFIEC's updated online authentication guidance, they need to place their efforts and attentions on risk assessments, says Doug Johnson of the ABA.
Boiled down to its essence, the latest guidance issued by the Federal Financial Institutions Examination Council (FFIEC) is rather simple.
Essentially it's asking U.S. financial institutions to mitigate risk using a variety of processes and technologies, employed in a layered approach. More specifically, it asks...
"The need for fraud-prevention tools increases during times of recession," says Aite Group's Julie McNelley, who does not believe this week's economic shockwaves will hurt organizations' security priorities.
Looking at the international stock market crash and the impact it's likely to have on future investments in fraud detection and prevention, how much can banks and credit unions reasonably afford, when economic stability is shaky and the financial future uncertain?
No two fraud incidents may be exactly alike, but a fraud investigator's approach can still be very consistent and precise, says Jean-Francois Legault, a fraud investigations specialist with Deloitte and Touche.
The FFIEC Authentication Guidance update is out, and third-party service providers need to begin reviewing their internal systems and communicating with their financial institution customers, says Wells Fargo Bank's Phil Alexander.
Banking institutions have a lot to do in order to prepare for the Jan. 2012 deadline to conform with the new FFIEC authentication guidance, and former banking regulator William Henley has one, simple piece of advice: start now.