Security is crucial in almost any organization, but especially when you are dealing with finance.
Time and again, inattention to security has cost financial institutions dearly. Fraud in banking is an expensive and complex matter that needs close, unyielding attention.
The current financial downturn and other developments have driven financial institutions to invest in a broad array of security measures to help regain consumers' trust.
As the saying goes, an ounce of prevention is worth a pound of cure. We need to learn from history, put the knowledge back into the prevention cycle and fine-tune existing systems and strategies.
But most of all, we need to be decisive — to have a clear vision and the resolve to make changes when needed.
Flexibility and a mid- to long-term vision that is open to changes within the market or region are essential when addressing security issues.
To benefit from structural changes, we need to integrate the complete chain of partners. They all need to understand and agree on implementation, deployment and follow-up. The chain always fails at the weakest link.
Recent incidents within financial institutions have shown that doing just a partial update to data protection systems can leave doors open to fraudsters attempting to gain access to sensitive customer information, install malware and/or redirect transaction traffic.
Before long, huge financial losses occur, again putting your reputation and bottom line at risk.
Payments scams have proliferated, putting pressure on banks to replace or modify unsafe and noncertified point of sale payment terminals, for example, to avoid fines.
Banks also have an important role to play in education — not only creating awareness among end users but also bringing all members internally up to speed.
We have found that in remote areas, outside cities, there is relatively low awareness of the latest techniques being used to defraud the payment system. Educational campaigns targeting these areas would help to combat fraud.
Security also includes interaction with law enforcement agencies, and that is not always very straightforward. In a number of countries, specialized units have been established, sometimes financed by the banking industry.
They rely in part on intelligence from bank staff or through the payment card industry.
In many cases banks do not make reporting data breaches and similar incidents a priority, because they are fearful of being seen as vulnerable.
But they have to make it a priority — a lot of valuable time and usable information is being lost. Meanwhile, the ones who stole this information are constantly on the move, taking advantage of banks' sluggishness.
Fraudsters are also taking advantage of a lack of coordination in data protection, a lack of global standards and the failure on the part of regulators and law enforcement agencies to create dedicated task forces.
This is why banks and other financial institutions, partnering with the law enforcement professionals who investigate fraud, need a support system.
A committed team in both arenas will help these professionals do their jobs more effectively.