The Fraud is Coming from Inside the Bank: The Need To Tackle Branch Security LapsesNitin Sumangali |
As part of the Road to Recovery series about the US consumers’ responses to the financial crisis, Global Insights published a paper last year that surveyed consumers and found 35 percent held multiple checking accounts. Of that group, 63 percent held these multiple accounts at different banks, and 40 percent said this decision was driven by security concerns with having all of their money at a single bank.
And when it comes to the risk of personal information filched from a bank account, many might assume they were at risk from professional hackers. Fewer would assume their information was at risk from their banks’ own employees, but according to a recent article in the New York Times, that may in fact be the case.
The article details a number of instances where bank employees used their access to customers’ information to transfer money from bank customers to themselves, make fake debit cards to withdraw money from ATMs, or pass customer information to co-conspirators and then write checks from the accounts. These types of crimes are also more frequent than some might think—the article cites the Manhattan prosecutor’s office saying they bring an estimated one case against a teller per month.
The article goes on to note that while some banks are limiting the types of information tellers could access, the cost and complexity of dramatically beefing up security has meant banks are not progressing much in making this experience safer for customers, choosing instead to address the issue by reimbursing customers for the lost funds.
But this teachable moment might be a lost opportunity for bankers. Doug Johnson, senior vice president for payments and cybersecurity policy at the American Bankers Association, is quoted in the article saying they recognize the thefts can cause “Substantial reputational risk and strain relationships with customers” and therefore banks “are committed to guarding against these attacks by sharing information about problematic tellers and instituting more monitoring of accounts.”
Banks have to demonstrate a willingness to tackle fraud, especially when it is coming from within the bank. The cost and complexity of overhauling security must be taken seriously and clearly communicated to consumers, or the reputational risk can percolate down to consumers who may decide to hedge their bets (see above) or move their money from the bank entirely. The risks here are not about a single bank or a single branch, but a fraud that plays on systemic weakness. The solution may require similar cooperation among the financial system’s players to better safeguard the customer’s money.