The Fraud Blog with Tracy Kitten

Fraud Survey Analysis: Tech's Role

Consumer Education, Not Tech, Seen as Key to Fraud Fight
Fraud Survey Analysis: Tech's Role

Banks and credit unions are increasing budgets and staffing this year for the ongoing fight against financial fraud. But will their spending prove prudent?

See Also: Live Webinar | Navigating Identity Threats: Detection & Response Strategies for Modern Security Challenges

Most are doubtful.

This week, we released some preliminary results from our 2012 Faces of Fraud survey. While banking institutions are focusing more attention on technology to meet regulatory demands outlined in the FFIEC's updated Authentication Guidance, only 11 percent expect that conformance with the guidance will result in a significant reduction in fraud. More than half expect conformance will only slightly reduce fraud, and 16 percent expect conformance will have no impact.

Analysts and vendors I talked to about the perceived lack of impact of guidance conformance were a bit surprised; bankers, however, were not.

Why? Because so much of the fight against fraud depends not on technology, but human behavior.

Role of Consumers

"I truly believe that it still comes down to what consumers are doing and their lack of awareness and concern about how to keep themselves safe and secure," says Patti Broer, the information security administrator and business continuity plan coordinator for BankWest Inc., a $754 million bank in Pierre, S.D. Broer serves on BankInfoSecurity's board of advisers.

"I feel that banks can take all the precautions, put everything in place to watch for fraud on consumers' accounts, cross every 't' and dot every 'i' in regard to the FFIEC guidelines, but it ultimately comes down to the human element," she adds.

And when I look at our survey results, I see that Broer's perspective is right on the mark.

The survey shows 68 percent say a lack of customer awareness is the primary source of fraud. Because the FFIEC guidance specifically notes the need for customer and member education, institutions are making fraud-prevention education a priority. Among all the investments bankers are making, customer education ranked No. 3.

Education Important

If the regulators truly want to see fraud reduced, then the greatest attention should be paid to education, bankers argue.

One executive at a multibank holding company, who asked not to be named, told me, "You can't protect an environment that you don't control."

So, you can provide education and enhance technology, but you can't force businesses and consumer to change their behavior.

The good news is that customer education can come in many forms and flavors. Many institutions say they're making site visits to educate and train their commercial customers and members about emerging threats. Others are issuing mailers and having tellers explain how phishing schemes work when retail accountholders visit the branch or banking center.

But some institutions are going a step further, thinking outside the box, which I really find promising. For example, some are testing vulnerabilities to social engineering schemes. (See New Strategies to Fight Phishing.)

I'm anxious to learn more. And I wonder if examiners, as they review institutions' plans for FFIEC conformance, are recommending this type of training. I invite you to share your insights.



About the Author

Tracy Kitten

Tracy Kitten

Former Director of Global Events Content and Executive Editor, BankInfoSecurity & CUInfoSecurity

Kitten was director of global events content and an executive editor at ISMG. A veteran journalist with more than 20 years of experience, she covered the financial sector for over 10 years. Before joining Information Security Media Group in 2010, she covered the financial self-service industry as the senior editor of ATMmarketplace, part of Networld Media. Kitten has been a regular speaker at domestic and international conferences, and was the keynote at ATMIA's U.S. and Canadian conferences in 2009. She has been quoted by CNN.com, ABC News, Bankrate.com and MSN Money.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.eu, you agree to our use of cookies.