So, you've met with your key vendors and conducted a gap analysis of areas that need to be addressed prior to January 2012 to conform to the FFIEC Authentication Guidance. But how do you know if a specific vendor is sharing with you a complete picture of preparedness? Some vendors are upfront on their capabilities and...
For too long, banking institutions have paid only lip service to the need for developing information security awareness and education programs for their customers.
But now, as directed by the FFIEC Authentication Guidance, institutions as of January 2012 are expected to manage a robust awareness and education...
Banking regulators make no bones about it: Your third-party service providers aren't responsible for ensuring that you attain conformance with the FFIEC Authentication Guidance. You are. How do you ensure their ability to aid your efforts towards compliance? Learn the secrets of a vendor management expert, who will...
As banks and credit unions assess online risk, in light of the updated guidance from the FFIEC, financial fraud analyst Tom Wills says they should consider mobile as a viable layer for out-of-band authentication.
A new twist in the ongoing online security battle between banks and their commercial customers was reported this week after a corporate account in Omaha, Neb., was hit with thousands in fraudulent ACH transactions.
This $38 billion bank has invested a great deal of time and effort into its online security program, continuously conducting risk assessments and making strides to ensure commercial customers stay informed about evolving online-banking risks.
Today, financial institutions offering internet-based and mobile-banking services face increasing pressure to provide enhanced consumer protection against phishing, sophisticated malware and other fraudulent activities. The FFIEC's guidance for financial institutions took a strong stance in support of the deployment...
A U.S. District Court in Maine has affirmed a magistrate's May recommendation to deny a motion for a jury trial filed in the ACH-related fraud case between PATCO Construction Inc. and Ocean Bank.
"We're continually testing our controls and the effectiveness of our controls. We do a lot of emerging-threats monitoring ... so we can react," says First Niagara's Joe Rogalski.
A California judge handed down a 12-year prison sentence to a phisher who stole financial details from more than 38,000 online accountholders. Observers say the sentence signals a changing attitude about the severity of cybercrimes.
In the wake of natural disasters or global political unrest, financial institutions of all sizes must be mindful of international fraud schemes and suspicious activity, says EastNets' Paul Buelens.
Despite previously announced plans to appeal last month's ruling in the ACH fraud lawsuit filed by Experi-Metal Inc., Comerica Bank now says it has resolved to pay the $560,000 in damages and close the case.
Anomaly detection and behavioral monitoring are minimum requirements or mitigating online risks, and the newly-issued supplement to the FFIEC Authentication Guidance highlights why banks and credit unions should be doing more, says Terry Austin of Guardian Analytics.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.
The fight against cyberattacks is a top priority for financial institutions, and industry insiders are optimistic about President Obama's plan to thwart cyberattacks that lead to corporate account takeover and other forms of fraud.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.