The National Credit Union Administration shares some thoughts about emerging online security threats - threats it expects credit unions to address as they work to comply with the updated online authentication guidance issued by Federal Financial Institutions Examination Council.
A new twist in the ongoing online security battle between banks and their commercial customers was reported this week after a corporate account in Omaha, Neb., was hit with thousands in fraudulent ACH transactions.
This $38 billion bank has invested a great deal of time and effort into its online security program, continuously conducting risk assessments and making strides to ensure commercial customers stay informed about evolving online-banking risks.
With the release of the new FFIEC Authentication Guidance, the need for effective strategies to mitigate known online risks has never been greater for banking institutions. Effective authentication methods also ensure institutions conform to new risk management and assessment requirements.
As fraud continues to evolve and affect financial institutions, careers are plentiful for fraud-fighting professionals, says Jean-Francois Legault, a fraud investigations specialist with Deloitte and Touche.
"I don't think there's any connection [to] the investments banks will make in fraud prevention," says Doug Johnson of the ABA. "It's not about making budget cuts; it's about protecting the customer relationship and ensuring security."
As banks and credit unions work toward compliance with the FFIEC's updated online authentication guidance, they need to place their efforts and attentions on risk assessments, says Doug Johnson of the ABA.
Boiled down to its essence, the latest guidance issued by the Federal Financial Institutions Examination Council (FFIEC) is rather simple.
Essentially it's asking U.S. financial institutions to mitigate risk using a variety of processes and technologies, employed in a layered approach. More specifically, it asks...
"The need for fraud-prevention tools increases during times of recession," says Aite Group's Julie McNelley, who does not believe this week's economic shockwaves will hurt organizations' security priorities.
The FFIEC Authentication Guidance update is out, and third-party service providers need to begin reviewing their internal systems and communicating with their financial institution customers, says Wells Fargo Bank's Phil Alexander.