What are the main threats that financial services firms are facing and how can they combat them?
The growing threat from cyber crime is the biggest concern. It is more than just a trend – it is a new genre of crime and a new dimension that we are all operating in.
There is cyber-enabled crime, where criminals are using the internet to carry out what they would have done by other means, and cyber-dependent crime, where they are using the internet to penetrate companies’ systems through hacking or to carry out distributed denial-of-service (DDoS) attacks.
About the expert
DCI Andy Fyfe is Deputy Director of the NFIB, based at the headquarters of City of London Police, where he previously worked for the Economic Crime Department. He has been with the force for almost all of his 23 years in law enforcement, working mostly as a fraud detective specialising in serious fraud.
The NFIB collates all reports of fraud and financially motivated cyber crime reported nationwide, investigating the more serious cases.
DDoS attacks are where external parties try to bombard your website and cause it to crash because it cannot handle that many messages at once. The attack might come from an organised criminal gang or a small group of people targeting a corporation to make a point. A handful of these attacks are reported to us each month, but we believe the scale of the problem is much greater than what we are seeing and would urge anyone who falls victim to this type of criminality to report it to
Action Fraud, the UK’s national fraud and internet crime reporting centre.
As for stealing money from banks virtually, I think it is possible to hack into a banking system and funnel money out, and it does happen, but it does not get reported to us, so I exercise caution when I see reports such as
the one recently made by Kaspersky [claiming a multinational gang of cyber criminals stole as much as $1bn from financial institutions around the world in about two years], as I think these figures are only guesses.
In an effort to combat such threats, you are starting to see cyber experts working in big firms, often within their operational risk teams.
Identity theft is another issue. Oddly enough, identity theft in itself is not a recorded crime, yet it is one of the main – if not the main – facilitator of fraud. Companies are seeing IT systems compromised, with criminals obtaining access to people’s data that is then sold on the black market.
What role can employees play in preventing financial and cyber crime?
Criminals often target the weakest link in the security chain – and mobile technology is undoubtedly one of them. Smartphones are mini computers but people perhaps do not treat them in the same way as their iPads and laptops and do not install the same levels of security, in particular anti-virus software which you can now install across all your devices. If employees are using mobile devices for their work, these devices need to be just as secure as laptops and other company IT equipment.
Cyber security often comes down to individuals, and it is important to ensure staff are well disciplined about protecting their passwords and changing them when necessary.
Employees also need to be aware of how they act on social media. If you are someone in a sensitive position within a firm who might be ripe for blackmail, avoid showing off about your work on Facebook, Twitter or other social media. For firms, it is a case of having a policy in place that makes staff aware of what they can and cannot do.
How does the increasingly global nature of financial crime affect your investigations?
We work with Europol, Interpol and the US law enforcement authorities daily to share intelligence and navigate evidential routes.
With cyber crime, because you can sit anywhere in the world and attack UK bank accounts, email addresses and so on, the need for us to co-operate across different boundaries with other law enforcement agencies is greater than ever.
But what has not sped up is the rate at which you receive evidence from overseas. Due to the formal process involved, it can still take a very long time, even though cyber crime happens across boundaries at the speed of light now – or at least as long as it takes for the attack to make its way down fibre-optic broadband.
How do you work with the financial services sector to tackle financial and cyber crime?
Out of the 24,000 or so crimes that get reported to the NFIB per month, only about 10% of them are cyber frauds, which we are sure is a massive under-representation of what actually goes on nationally.
The under-reporting is partly due to big firms being concerned about reputational issues, but it might be that companies are looking to report cyber crime to us but want to be able to do so in a more efficient way than is currently available to them. We are taking steps to make life easier for firms, especially companies that might encounter hundreds of crimes in a month.
"Because we’re based in the City, we’ve got lots of good contacts within the financial services industry"
We are developing a bulk-reporting tool so businesses are able to report multiple crimes en masse with one entry into the NFIB system. We are using several big corporate entities, including financial firms, in the pilot phase and expect to finish the evaluation by around July.
Because we’re based in the City, we’ve got lots of good contacts within the financial services industry. If you have got organised criminals attacking your systems, we want you to feel free to phone us direct and say, look, we have got a major problem here.
We are contacted several times a week by large organisations wanting help with tackling financial crime, but we are a little frustrated that we don’t necessarily get as much crime reported to us as we think is out there. Because of that, we are unable to make as strong a case as we might to government for the level of funding required to deal with the actual threat.
What can financial services firms do to assist you further in combating financial crime?
Please report more cases to us, even if it is just sharing intelligence, which would prove very helpful to us. You can solve a problem by making sure law enforcement gets to hear about what is happening, without committing yourself to a very public investigation and potential prosecutions.
I also think it is important that financial services firms do not work in silos, and share their knowledge of attacks, and what they have done to combat it, with other financial firms. I know that the finance industry has virtual communities where they share information about attacks, and do so in an anonymous way.
To help us all work even more closely together to combat financial crime a multi-agency group, led by the Home Office and the National Crime Agency and supported by the City of London Police, has set up the
Joint Money Laundering Intelligence Taskforce.
Its aim is to improve intelligence sharing arrangements to aid the fight against money laundering and build upon the national leadership against organised economic and financial crime provided by the Economic Crime Command in the National Crime Agency.
The CISI is hosting a special conference on 20 April 2015 to keep its members – and the financial services industry more generally – on the front foot in the struggle with economic crime.
Find out more