Fraud Victim: FFIEC Guidance Lacking

Guidance Does Not Hold Banks Accountable for Fraud

By , November 21, 2011.
Fraud Victim: FFIEC Guidance Lacking
Read Transcript

ACH fraud victim Mark Patterson says small businesses like his welcome improved online security measures from banking institutions. But is the new FFIEC Authentication Guidance sufficient? Patterson says no.The Federal Financial Institutions Examination Council's updated online authentication guidance takes effect in January. For small-to-midsized businesses such as Maine-based PATCO Construction, which in 2009 saw more than $550,000 drained from its commercial banking account by cyberthieves, improved online security measures from banking institutions would be a plus. But how much improvement can small businesses really expect?

Not much, says Patterson, co-owner of PATCO. "The FFIEC guidance is just a restatement of what banks should already have been doing," he says. "They're not really expanding it at all," and until banks are held legally liable and accountable for losses suffered after incidents of ACH and wire fraud that result from corporate account takeover, security won't improve.

"The government has to step up," Patterson says.

In fact, Patterson argues that financial institutions need to be the watchdogs for fraud, regardless of whether the accounts in question are retail or commercial. Small businesses depend on banking institutions to take the security lead. Most don't understand that the same protections provided for retail consumer accounts do not apply to commercial accounts. That disconnect is something the industry must address, if it expects to seriously curb incidents of online fraud.

During this interview, Patterson discusses:

  • How fraudulent transactions approved by the former Ocean Bank, now Peoples United Bank, over a five-day period led to more than $550,000 in losses for PATCO;
  • Why commercial accountholders need financial institutions to clearly define and explain security risks and financial exposure that can result after an online breach; and
  • How collaboration between small business accountholders and financial institutions could improve online security.

Patterson is a co-owner of Sanford, Maine-based PATCO Construction Inc., a small residential and commercial construction company with 22 employees that has been in business since 1985.

Follow Tracy Kitten on Twitter: @FraudBlogger

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE Staples Launches Breach Investigation

Staples has confirmed that it's investigating a potential data breach after a report warned that...

Latest Tweets and Mentions

ARTICLE Staples Launches Breach Investigation

Staples has confirmed that it's investigating a potential data breach after a report warned that...

The ISMG Network