Joining day two of the World Conference of Banking Institutes, Ian Dyson - Commissioner of the City of London Police addresses the challenges of cyber-crime in this period of digital disruption. In addition to the uncertainty surrounding Brexit and the potential no-deal outcome, the question of balancing privacy with data protection remains a critical priority for financial institutions in 2019.
Addressing WCBI delegates, Dyson says: “cyber-crime is as much a challenge for law enforcement as it is for institutions and the customers who are being targeted [...] particularly as there is often more intelligence outside of cyber-crime than exists within it.”
Rapid advancements in technology are changing the way banks are doing business but with this development comes new opportunities for organised crime to infiltrate security frameworks of industry newcomers and incumbents.
With 78% of fraudulent activity reported to the City of London Police as cases of cyber-crime, Dyson urges institutions to encourage data sharing with law enforcement and to resist placing restrictions on police powers to tackle cyber-crime.
He continues to say that limiting the use of biometric recognition, as has occurred in San Francisco, would mean law enforcement would be forced to operate at a disadvantage not felt by criminals using the same sophisticated technology.
Further, the uncertainty of Brexit tied with the inherently political nature of policing provides a concerning backdrop for international co-operation in this arena. “Policing and the judicial systems of the world are local, this is problematic as cyber threats don’t recognise geographic borders.”
The Commissioner is concerned about determining a threshold for cross-border cooperation regarding serious organised criminality, estimating that extradition costs from Europe could increase by up to five times the current cost should Brexit come to fruition.
Hennie Verbeek-Kusters, head of the FIU Netherlands and regional representative of the Egmont Group echoes this concern: “Money laundering is by nature an international crime, you cannot effectively fight it in one jurisdiction. Without conviction to work co-operatively there will not be any success.”
Verbeek-Kusters cites UNODC figures that show that 2 to 5% of global GDP (between €714 billion - €1.87 trillion) is laundered each year, with €13 billion laundered annually in the Netherlands alone.
“You will only be able to fight cyber-crime if you understand it” says Verbeek-Kusters, adding that identifying trends is a key tool in combating cyber-attacks and developing innovative approaches to pre-emption and prevention is essential.
Jason Shaw-Gray, account director at Santander, spoke of the bank’s choice to contract the crowdsourced security platform Synack to combat and prevent such threats. The cyber security company provides ethical hacking services to financial institutions across the globe, harnessing the skill of 1,000 hackers to penetrate existing cyber systems to identify weaknesses. Large institutions such as Santander see the benefit of keeping pace with hackers by beating them at their own game.
Shaw-Gray explains Santander has reached a level of security whereby it “can release coding without testing as we know that the granularity of the code produced by our developers is tailored to previously unforeseen risks and our codes are within the frameworks of tighter controls. A bank would never be able to achieve the level of testing that Synack is able to.”
By Paige McNamee, Junior Reporter at Finextra