UK watchdog tells banks to fight cybercrime with innovative tech

Banks are the most vulnerable and the main target of criminals who keep changing techniques in the digital age to severely attack the financial systems. Consequently, they need to defend themselves and their customer's money and install cybersecurity in a broader intelligence-based approach. 

In addition, they need to learn about the new threats created by geopolitical situations, exposed data and third-party risks. One of the key areas targeted by such evil groups is the email or SMS that the fake organisation sends to the customers. The victims get a fake link that asks them to share their identification and authenticate account details.   

The survey of 2100 firms by the watchdogs in the UK found that phishing and identity theft were the most common threats, where emails were sent from someone posing as a bank official asking to reveal their passwords or credit card details. 

Some got automatic voice recordings that asked to fill in account details or share information through keypads. In such calls, banks are not involved directly and cannot provide any support to avoid such incidents. They can only provide educational messages on social media or ATMs to help educate customers to stay alert. 

However, some institutions are improving security operations by using monitoring tools to apply advanced analytics systems based on AI and machine learning to detect malicious transactions. 

In addition, employees are trained to handle security issues and asked about the innovative approach adopted by the institution to hold an integrity and high-value work culture.

Banks faced criticism for cutting off 1.1m prospective individual customers and companies, where it failed to give clear reasons for its actions, and such steps raised concerns among lawmakers. 

However, the firms state they spent almost five billion pounds to combat the before-mentioned risks and over a billion on prisons against money laundering crimes. The cost includes the regulatory fine, breaches and business loss caused by reputation damage. 

The regulatory agencies have announced a heavy penalty for financial organisations that fall prey to such attacks. In addition, service providers are working to counter data breaches and fraudulent payments and protect customers from partner systems.

Banks continue to employ thousands of investigators to review accounts and risky transactions. Nevertheless, there is a hesitation to employ new methods to support the work functions if it increases regulatory risks. Risk aversion may not help such institutions that are functioning on automatic systems. 

Some are working to integrate applications to check fake transactions at all levels, services and products. But cybercriminal hack systems use effective methods to make rapid cyberattacks, reaching everyone in every part of the world through the internet. 

The industry is stuck in outdated legacy infrastructure and capabilities that cannot keep up with the evolving threats. 

These institutions' systems are not updated; instead, they are vulnerable to such attacks. Some are adopting cloud-based data storage systems to avoid in-house security breaches.

How Can Banks Improve Their Functions?

• Globally, these firms must integrate multiple-factor authentication, biometric logins and other methods to verify payment on digital wallets.

• They must use AI and machine learning to prevent potential phishing threats in real time, track crime sources, and respond quickly to attacks without human intervention.

• Security is not an IT issue and should not be given over exclusively to the IT department. The institutions require specialised teams to handle internal errors and practices like basic hygiene factors associated with mobile apps and vulnerabilities created by the work culture.

• The future mobiles will work as a multipurpose instrument for many different tasks. Therefore, a joint effort of customers, banks and regulatory authorities is required to handle the issues related to the transactions conducted on mobile phones.