Community
This isn't the first, and certainly won't be the last, example of security breaches from staff.
There's been a lot of recent focus on the risks of external attack and how biometrics can help deal with this but the internal threat has been neglected. I've posted on the external attack on Barclays ("Security, Call Centres and Fraud"), when fraudsters stole the identity of their chairman for a credit card application, and there's been some good posts on Finextra (see "Biometrics - what's that all about then?" by Dave Griffiths and "Who's in your Wallet?" by Jarvis Kandik both last month). In fact, inside threats are perhaps as serious as the risk of external attack. In 2006 HSBC lost £233,000 after it's Indian call centre suffered inside attack (here for the BBC report). Last year the BBC also reported how HSBC and HBoS had been targeted by an organised gang which both penetrated the banks and laundered the proceeds of their crimes. An internal threat is nothing new - fraud from dishonest employees is something that banks have had to deal with almost from the start of banking. What is new is the level of the threat and its organisation. As an example, Strathclyde Police (who cover the west of Scotland where many call centres are located) believe that organised gangs have infiltrated perhaps one in ten of the call centres there (full report here). In the end, as I've argued with biometrics, the criminals will be beaten by process, not technology point solutions. If the defences against external attack are strong, then criminals will seek to get on the inside. The correct response is not to strengthen the exterior with biometrics (though I'm not sure biometrics do strengthen it), but instead to make sure that staff are vetted, exceptions or unusual activity is identified and monitored and good management is in place. Process is not terribly exciting, but it will be the element that determines whether technology defeats criminals or not.
This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.
Hassan Zebdeh Financial Crime Advisor at Eastnets
08 October
Jelle Van Schaick Head of Marketing at Intergiro
07 October
Kuldeep Shrimali Consulting Partner at Tata Consultancy Services
Nikunj Gundaniya Product manager at Digipay.guru
Welcome to Finextra. We use cookies to help us to deliver our services. You may change your preferences at our Cookie Centre.
Please read our Privacy Policy.