UK watchdog tells banks to fight cybercrime with innovative tech

Banks are the most vulnerable and the main target of the criminals who keep changing techniques in the digital age to make severe attacks on the financial systems. Consequently, they need to defend themselves and their customer's money and install cybersecurity in a broader intelligence-based approach. 

In addition, they need to learn about the new threats created by geopolitical situations, exposed data and third party risks. One of the key areas targeted by such evil groups is the email or SMS that the fake organisation sends to the customers. The victims get a fake link that asks them to share their identification and authenticate account details.   

The survey on 2100 firms by the watchdogs in the UK found that phishing and identity theft were the most common threats where emails were sent from someone posing as a bank official asking to reveal their passwords or credit card details. 

Some got automatic voice recordings that asked to fill in account details or share information through keypads. In such calls, banks are not involved directly, and they cannot directly provide any support to avoid such incidents. They can only provide educational messages on social media or ATMs to help educate customers to stay alert. 

However, some institutions are improving security operations by using monitoring tools to apply advanced analytics systems based on AI and machine learning to detect malicious transactions. 

In addition, employees are trained to handle security issues, and they are asked about the innovative approach adopted by the institution to hold integrity and high-value work culture.

Banks faced criticism for cutting off 1.1m prospective individual customers and companies, where it failed to give clear reasons for its actions, and such steps raised concerns among the lawmakers. 

However, the firms state they spent almost five billion pounds to combat the before-mentioned risks and over a billion on prisons against money laundering crimes. The cost includes the regulatory fine, breaches and loss of business caused through reputations damage. 

The regulatory agencies have announced a heavy penalty for financial organisations that fall prey to such attacks. In addition, service providers are working to counter data breaches, fraudulent payments and protect customers from the partner systems.

Banks continue to employ thousands of investigators to review accounts and risky transactions. Nevertheless, there is a hesitation to employ new methods to support the work functions if it increases regulatory risks. Risk aversion may not help such institutions that are functioning on automatic systems. 

Some are seriously working to integrate applications to check fake transactions at all levels, services and products. But cybercriminal hack systems use effective methods to make rapid cyberattacks, reaching everyone in every part of the world through the internet. 

The industry is stuck in outdated legacy infrastructure and capabilities that could not keep up with the evolving threats. 

The systems used by these institutions are not updated; instead, vulnerable to such attacks. Some are adopting cloud-based data storage systems to avoid in-house security breaches.

How Can Banks Improve their Functions?

• Globally these firms need to integrate multiple-factor authentication, biometric logins and other methods to verify payment on digital wallets.

• They need to use AI and machine learning to prevent potential phishing threats in real-time to track crimes' sources and respond fast to the attacks without human intervention.

• Security is not an IT issue and should not be given over exclusively to the IT department. The institutions require specialised teams to handle internal errors and practices like basic hygiene factors associated with mobile apps and vulnerabilities created by the work culture.

• The future mobiles will work as a multipurpose instrument used for many different tasks. Therefore, a joint effort of customers, banks and regulatory authorities is required to handle the issues related to the transactions conducted on mobile phones.