Pub. 7 2019 Issue 3

ISSUE 3. 2019 15 Most banks and many customers have taken steps to improve cybersecurity following high-profile attacks and increased regulatory scrutiny. of their customers, improve business relationships and discuss any additional necessary services. ADJUST INTERNAL BANK PROCESSES Many banks use flexible core banking systems that can identify high-risk trans- actions. These platforms have extensive functionality built in, but banks often do not use all of it and therefore do not see some questionable transactions in real time. In many cases, controls can be established to flag suspicious activity. For example, if a middle market company that traditionally only does domestic wire transfers sends funds to Romania, that transaction should stick out like a sore thumb. Perhaps a company almost exclusively sends wire transfers under $20,000 and then suddenly sends one for $60,000. While large banks may not be able to pick up the phone and validate that transaction, there is an opportunity for community banks to reach out person- ally and provide more comfort and value than their larger counterparts. Obviously, detecting a fraudulent wire transfer from within the bank is not always this simple, but the institution is often the last point of resistance in these attacks. In- dividuals responsible for oversight should review suspicious activity reports and other notifications of wire transfer fraud regularly to identify criminal activity. Ultimately, banks may be able to better control fraud in three ways: confirming transfers with clients, being more con- servative with internal fraud detection pro- cesses and paying attention for any outlier transactions. Most banks and many customers have taken steps to improve cybersecurity fol- lowing high-profile attacks and increased regulatory scrutiny. However, any plan to reduce business takeover risks both inside the bank and when guiding customer activities must be flexible to adapt to new threats. Criminals are looking for the easiest way to collect money and their methods will constantly evolve to circumvent today’s detective controls and protective measures. Educating clients about how to avoid and address risks and adjusting process- es within your bank can improve the en- vironment for both your bank and your clients. A stronger risk environment can increase customer satisfaction, reduce strain on busy internal employ- ees tasked to track down lost funds and help you avoid having to guide your customers through the misfortune of criminal hacking. n