ABA on Fraud: 'All is Not Lost'

Credit EligibleAs a BankInfoSecurity.com annual member, this content can be used toward your membership credits and transcript tracking. Click For More Info

It's been nearly a year now since banking regulators and associations stepped forward with concerns about ACH fraud, or corporate account takeover. Yet the number of fraud incidents continues to rise. What can banking institutions and businesses be doing to turn the tide?

Doug Johnson of the American Bankers Association (ABA) says the message to concerned parties is "All is not lost." In an exclusive interview, Johnson discusses:

• The significance of the threat;
• How banks and businesses must respond;
• Why the ABA opposed Reg E reform or any other legislative remedies.

Johnson is the American Bankers Association's Vice President and Senior Advisor, Risk Management Policy, where he is involved in a variety of public policy and compliance issues. He currently leads the association's enterprise risk, physical and cyber security, business continuity and resiliency policy and fraud deterrence efforts. He has assisted in the ABA's release of a series of resources to deter bank robberies, assess information technology risk, deter phishing, safeguard customer information and buttress emergency preparedness.

Johnson represents the ABA on the Financial Services Sector Coordinating Council, which advises the federal bank regulatory agencies on homeland security and critical infrastructure protection issues, and serves on the BITS/Financial Services Roundtable Security Steering Committee. He is also a board member of the Financial Services Information Sharing and Analysis Center, a private corporation that works with government to provide the financial sector with cyber and physical threat and vulnerability information, as part of the nation's homeland security initiative.

Click to Get Updates on the Latest Information Security News

Company* Title* Email* Subscription Type: HTML Text Healthcare Enews General Healthcare Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Government Enews General Government Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Banking Enews General Banking Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Credit Union Enews General Credit Union Enews Blogs Enews Careers Enews Training Enews Webinars Enews Podcasts Enews White Papers Enews Need Help?

TOM FIELD: The topic today is corporate account takeover. Hi, this is Tom Field, Editorial Director with Information Security Media Group. I am talking with Doug Johnson, the Vice President of Risk Management Policy with the American Bankers Association. Doug, it is a pleasure to talk with you again.

DOUG JOHNSON: Good afternoon, Tom.

FIELD: So, Doug, sort of the news hook here is last week the announcement of the PlainsCapital and Hillary Machinery settlement. What can you say about the significance of this case in terms of corporate account takeover?

JOHNSON: Well, Tom I can't say much about the settlement since it is confidential, but I do think the case in general is significant. I do frankly reject the notion that is brought out by Hillary Machinery that somehow community banks don't have the ability to appropriately protect their small business and municipal customers. I believe that community banks, as well as larger financial institutions, have that obligation and have the ability to do that, and so I was disappointed to see that one of the things that the case did is appear to pit one portion of the industry against another when actually we are all trying to together protect this environment.

FIELD: Doug, you see institutions of all sizes so put this in perspective. How big is the current threat of corporate account takeover?

JOHNSON: Well, I think that the threat is very large. I think that the threat is not only a large one from the standpoint of the number of cases -- which the FBI continues to observe are increasing for them. But I think the biggest risk that we face here, as it relates to the corporate account takeover, is the damage it does to the reputation of financial institutions and financial institutions' customers, and the damage it does potentially to the relationship between our customers and our financial institutions. Because I do believe at the end of the day this is all about shared responsibility. Both financial institutions as well as financial institution customers do have a responsibility to have skin in the game to protect accounts, and I think that it is only through that active partnership that they were able really to address the current threat.

FIELD: Doug, we first spoke about this maybe 10 months ago, last August. Since then how has the ABA responded to the threat and helped institutions respond, not just in terms of security, but as you say in the repairing or staving off some of the reputational damage?