Technology risks for financial services providers

NAB’s recent online banking “glitch” (see SMH here) is a reminder of the reliance of financial service providers on technology.

As more failures are reported by FSP’s 4 compliance questions need to be asked:

  • is the technology failure symptomatic of a more widespread systems failure in the organisation or a “one-off”? Does it have adequate resources and controls?
  • was the failure the result of cyberhacking? What security does the organisation have in place? How often is its security tested?
  • has there been a data breach as a result of a lapse in security and a failure to train staff on the importance of customer privacy?
  • were any of the services outsourced? was the third party provider adequately supervised and monitored?

Although phishing is now frequent, we have not yet seen an attack on a FSP similar to the recent attack on Sony (allegedly by North Korea) but FSP’s need to have IT security and continuity plans in place.

And communication with affected customers is an important part of any response.

 

Your Compliance Support Plan

We understand you need a cost-effective way to keep up to date with regulatory changes. Talk to us about our fixed price plans.