The case of PlainsCapital Bank vs. Hillary Machinery isn't dinner table conversation just about anywhere, but Jim Woodhill, founder and chairman of security vendor Authentify, is aiming to change that.
First, the facts of the case. Texas-based Hillary Machinery was relieved of about $800k in an online banking heist; PlainsCapital, the $30 million business's bank, was able to recover all but about $200k. Under current regs, that left Hillary to absorb the loss. What happened next is man-bites-dog kind of story: The bank sued its customer, requesting that the court give a stamp of approval to the bank's security procedures, and that Hillary be forced to pay the bank's attorney fees and court costs.
Bank spokesman John Floeter says the bank isn't intending to be punitive, but that the courtroom is the best place to affirm the bank's contention that its security is "commercial reasonable."
Woodhill disagrees. "PlainsCapital suing Hillary Machinery just pushed me over the edge," he says. "This is just so wrong."
In short order, Woodill was on a plane to Dallas, offering his company's assistance to Hillary Machinery-promising to help prove that PlainsCapital's security isn't good enough. Woodhill also flew to Washington, meeting with Congressional staff members looking for Congress to pass a law that's the business equivalent of the wording in Reg Z that limited consumer losses on credit card fraud to $50. Authentify also spent time at the recent RSA security conference gathering signatures on a petition to send to Congress.
But, in perhaps the biggest nose-thumbing at the banks Woodhill deems irresponsible for the problem, he's flying to Long Island, New York with plans to lend $100k to a small business owner who lost $164k when thieves cleaned out her business's TD Bank account after installing a Zeus Trojan on her PC. "Right now, nobody's money is safe," Woodhill contends.
That's a bit of hyperbole. But the number of fraudulent ACH and wire transfers from small business and municipal accounts has reached a scale that's impossible to ignore. And, as Woodhill points out, customers of small banks seem to be disproportionately affected, perhaps inflicting long-term reputational damage on the community banking industry. The other side of the coin is Woodhill's vested interest in seeing such a law passed; Authentify would surely see its sales soar in that environment. Woodhill calls this "doing well by doing good," and isn't the least bit afraid of alienating banks. "If we do make enemies, it will be very transient," he says. "In the end they will be thanking us."
I do hope he's not holding his breath for that one.