Use Case for Assessing Risk on Corporate Account Takeovers
Why assess the risk? Cyber criminals use various attack methods to exploit check archiving and verification services that enable them to issue counterfeit checks, impersonate the customer over the phone to arrange funds transfers, mimic legitimate communication from the financial institution to verify transactions, create unauthorized wire transfers and ACH payments, or initiate other changes to the account. In addition to targeting account information, cyber criminals also seek to gain customer lists and/or proprietary information – often through the spread of malware – that can also cause indirect losses and reputational damage to a business. Assessing the threat and vulnerabilities regarding corporate account takeovers and educating all stakeholders (the bank, businesses and consumers) on how to identify and protect themselves against this activity is the first step to combating cyber-criminal activity.
Who should assess the risks? Electronic Banking Officer, Chief Operating Officer, Cash Management Officer, Information Technology Officer, Security Officer, Data Security Officer, Operations Managers
How to assess the risk: Rate the KRIs to determine if a threat would successfully exploit a vulnerability and to justify expenditures to implement countermeasures to protect the bank’s assets or reputation. Use the “Focus Risk Assessment” tool for in-depth analysis of risks and mitigation techniques.