The most recent Federal Financial Institutions Examination Council (FFIEC) supplement states that "...controls implemented in conformance with the guidance several years ago [the 2005 original guidance] have become less effective," and clarifies that "...malware can compromise some of the most robust online security controls."
Unmistakably, what led to the release of the FFIEC supplement was the introduction of advanced malware that has created an increasingly hostile online banking environment. Sophisticated malware has become the primary attack tool used by online banking fraudsters to execute account takeover, steal credentials and personal information, and initiate fraudulent transactions.
To address emerging threats, the FFIEC requires organizations to continuously perform risk assessments as new information becomes available, adjust control mechanisms as appropriate in response to these changing threats and implement a layered approach to security. Consequently, financial organizations need to select solutions that are able to identify emerging threats, address their impact and apply layered security that can quickly adapt to the ever-changing threat landscape.
This white paper provides an overview of:
- Key requirements organizations should seek when choosing an effective and sustainable online banking fraud-prevention solution to help them meet FFIEC requirements;
- What led to the release of the FFIEC supplement;
- What to look for when selecting an online banking fraud-prevention solution.