Data security

The group was still the most active such gang last year, but its activity appears to have been severely hampered by law enforcement.

Pressing tech items across banking include the Federal Deposit Insurance Corp.'s impending Synapse rule and Regions Bank's play for an open banking future.

The settlement detailed the missteps PayPal took in the lead-up to the attack and highlighted common risks — both on compliance and security — banks face.

The ruling lets state Attorney General Letitia James continue arguing Citi should have reimbursed customers for wire fraud, though some claims were dismissed.

A security researcher found a database exposing names, addresses, and bills apparently belonging to Willow Pay, a fintech for short-term financing on bills.

The order calls on federal agencies to support more forms of digital identity documents and could lead more states to adopt digital driver's licenses.

Banks must comply with a European Union law known as DORA by Friday. The law aims to improve cybersecurity and reduce tech failures in financial services.

Amendments to New York's cyber rules — and a focus on privacy in California — mean banks must enhance risk controls, encryption and customer protections.

An alarming percentage of cyberattacks in 2024 exposed eight or more pieces of sensitive customer information, a notable increase in severity. Banks need to have both proactive and reactive strategies in place to protect customers.

To effectively reduce fraud, banks must transition to proactive, integrated strategies encompassing robust risk management and asset liability management.