The real source of financial services fraud
The financial services industry is somehow always engulfed in fraud, and whether real or perceived, fraud always seems to be in the media. (Right now, there is certainly no shortage of investigations concerning the credit crunch.) The fraud discussion generally takes two forms: Customer-targeted fraud, usually instigated by outsiders, or internal fraud, instigated by employees.
The customer-targeted forms of fraud seems to generate the most media ink. For example, a New York man was just charged with providing a sniffer that intercepted payment card data as it moved through networks. The news represents more fallout from widely covered breaches at TJ Maxx, from which data on 44 million cards was stolen, and others. Meanwhile, phishing scams seem to have hit an all-time high with Citibank, Wachovia and Bank of America being the hardest hit. You certainly can't blame the media for reporting such news.
There's a flip side to that record, however. In a recent report called, "Internal Fraud: Big Brother Needs New Glasses," Celent comes to the conclusion that unlike customer-targeted fraud, most internal fraud is hushed up. It notes that from 2005 to 2008, insiders accounted for just 9 percent of reported data breaches, which seems shockingly low. It thinks a lot of insider fraud activity is not reported, possibly for PR and related issues. Celent estimates that insiders account for about 60 percent of cases where a sensitive data breach or theft occurs.
Celent recommends companies get serious about this. On one hand they should do better with their polices and best practices, as laid out by CERT--these cover the basics that you've no doubt heard before, such as segregation of duties. Celent goes beyond these best practices with recommendations of its own about limiting the use of SSNs as an identifier, controlling personal digital storage devices (no matter how unpopular with employees) and developing a strong notification process, among other things.
At the heart of this effort is technology. Internal fraud solutions aren't cheap. But increasingly they seem necessary. Leading companies have invested in things such as monitoring, alerts, reporting and analytics, and dashboards. Celent also suggest the use of biometrics. In the wake of the Jerome Kerviel affair, the industry was briefly buzzing with calls to deploy this technology to prevent rogue behavior.
The problem is that all of this costs money, and budgets are tight. - Jim
SHARE WITH:
Comments
Post new comment
Home
| Subscribe | Advertise | Mobile Edition | RSS |
Privacy
| Site MapTHE FIERCEMARKETS NETWORKFierceFinance | FierceFinanceIT | FierceComplianceIT | FierceHealthcare | FierceHealthFinance | FierceHealthIT | Hospital Impact | FierceMobileHealthcare | FierceHealthPayer | FiercePracticeManagement | FierceCIO | FierceCIO:TechWatch | FierceContentManagement | FierceMobileIT | FierceGovernmentIT | FierceBiotech | FierceBiotech Research | FiercePharma | FierceVaccines | FierceBiotechIT | FiercePharma Manufacturing | FierceMedicalDevices | FierceDrugDelivery | FierceIPTV | FierceOnlineVideo | FierceTelecom | FierceVoIP | FierceBroadbandWireless | FierceDeveloper | FierceMobileContent | FierceWireless | FierceWireless:Europe | FierceCable© 2010 FierceMarkets. All rights reserved. |
 |