Why Commercial Account Theft Is Your Problem

Two out of five businesses switch banks due to fraud.  That’s a sobering takeaway from Guardian Analytics 2011 Business Banking Trust study.

For the most part, financial institutions provide online protections to businesses that are similar to what they provide for consumers.  However, it may only be a layered security approach when it should be an enhanced layered security approach, according the FFIEC’s latest authentication guidance.

With their large account balances and frequent transactions, commercial accounts are an attractive target for criminals. If fact, of roughly 500 small and medium-size businesses recently surveyed by Guardian Analytics, 32 percent said they had experienced online fraud in the last 12 months.

Financial institutions pay a real price for lax security, and commercial customer retention is no longer a given.   Fraud victims aren’t automatically giving their institution a second chance.  Yes, it’s an onerous process to move a business banking relationship.  But customers can and will switch to a competitor if they lose trust in their institution’s ability to protect their accounts.  Additionally, with the premium now on top-notch business accounts, your competition is assuredly doing everything to make this switch easier.

I’m not going too far out on a limb when I say financial institutions don’t just handle money anymore.  They handle information.   And that paradigm switch has made it infinitely easier to commit financial crimes.  Your customers’ financial information has been entered into a network countless times.  Do you have any idea where it resides and who is using and protecting it?

It’s time to step up and pay attention.  While 41 percent of the Guardian survey respondents said they didn’t believe their financial institution would cover losses if their company’s assets were stolen, a full 70 percent thought it should.

That’s the notion driving one lobbying organization, the Cyber Looting Awareness and Security Project.  (You’ll find them online at the ominous YourMoneyIsNotSafeInTheBank.org.) The group is urging lawmakers to require institutions to provide commercial customers the same sort of fraud reimbursement it provides to consumers accounts.

Meanwhile, businesses are failing to educate their employees on the dangers of cyber theft.   In one study, 81 Fortune 5000 companies were sent simulated phishing attempts.  Of the 79 businesses that successfully received the email, 43 percent had a least one employee who clicked the link, theoretically opening the network to keyloggers and paving the way for cyber thieves.

In fact, according to the Guardian Analytics study, only 12 percent of businesses are educating employees about not downloading dubious programs and just 10 percent are educating employees about not opening email attachments of unknown origin.  And only 25 percent say they have plans to enforce the use of strong passwords.

What does this mean for the financial community?  It means you have to watch your back.  It’s time to get serious about commercial account protection—that means everything from increasing your own risk assessment activity to offering training for customer employees.

The alternative is loss of reputation, loss of goodwill, and loss of revenue…whether the breach initiated inside your systems or not.

(Get the printer-friendly .pdf version of this article here: Why Commercial Account Theft is Your Problem.)


Pete Griffith is CEO of Supernal, makers of the Scout™ risk management dashboard.  Find him online at www.supernal.com and on Twitter @SeeScoutRun. 



©2012 Supernal Software, LLC. All rights reserved.

Home       Scout       About       Compliance Services       Blog       News       Demo Sign-up       Scout Login       Contact