Financial Services Sector: Beware of IT Fraud

(Rome, Italy) - Fraud and theft in information technology is a large area of concern for any business, but particularly those in the financial services sector. Unfortunately, the necessary safeguards against these crimes are commonly misunderstood by those outside the IT field. In "Questions to Ask when Investing in Information Technology," one of Tuesday morning's educational break-out sessions, Kurt Lykins, chief technology officer for Corporate One Federal Credit Union, outlined the best systems for keeping vital information secure while meeting the credit union's diverse and changing needs.

In addition to Lykins' ten years of experience with Corporate One, he has volunteered his technical expertise to WOCCU on several projects, broadening his understanding of the technical needs and capabilities in credit unions outside of the US. His advice encapsulated a large range of systems, from rudimentary to complex. With the aid of simple language and diagrams, Lykins clarified his points in a way that even the technological novice could understand.

He warned about the dangers of connecting all computers directly to a central server, citing the example of a credit union he had worked with whose system had been tapped into by the creator of a music downloading site as proof of the weakness of this model. Instead, he advised the use of a firewall for maximum protection.

The exchange of credit card information over the Internet is another area fraught with risk. Besides ensuring one's own system is secure, it is necessary to verify the legitimacy of the party with which a transaction is being made. Lykins gave the example of a hacker who replicated the website of a major clothing manufacturer in the early days of online shopping, changing only one letter in the website address. The fraudulent website existed for four months and collected over 30,000 credit card numbers before it was discovered by authorities.

Sometimes security measures are simple, Lykins explained. For example, the symbol for a website that encrypts confidential information is an unbroken key on Netscape and a padlock on Internet Explorer. Just by looking at the bottom corner of the screen it is possible to know if the information you are sending is secure. However, as systems grow more advanced, so do the tactics of exploiters, so it is important to keep abreast of new security measures and update them whenever possible. He advised that virus- preventing software be updated at least once a week.

Although securing a more complex system naturally requires greater care, even rudimentary systems must be monitered. Lykins used the example of a credit union with only one computer and no Internet connection. It is still necessary to ensure that, in the case of a crash, the backup data is updated and saved. And, whenever possible, software should be updated.

Lykins stressed the importance of preventative measures, such as formulating a plan of action in the event of a security breach. "When a bank is robbed, managers don't sit around deciding how to respond," he said. "They have a pre-formed plan of action. The same is necessary with regards to IT." In the confusion and panic that always follows a major malfunction, a clear procedure will make a big difference in the credit union's ability to handle the situation quickly and effectively.

Other break-out sessions of the day included "Creating a Culture for High Performance and High Fulfillment," led by Eric Klein, president of Dharma Consulting of the US; "Co- operative Banks: German and Italian Experiences," led by Carlo Barbieri, head of the international department of ICCREA Holding of Italy and Jochen Lehnhoff, board member of the Bundesverband der Deutschen Volksbanken und Raiffeisenbanken of Germany; and "De-Mutualization: Exploring the Consequences," led by Adrian Coles, director- general of the Building Societies Association of the UK and Frank Diekmann, editor of The Credit Union Journal of the US.

El Consejo Mundial de Cooperativas de Ahorro y Crédito es la asociación gremial y agencia de desarrollo para el sistema internacional de cooperativas de ahorro y crédito. El Consejo Mundial promueve el crecimiento sustentable de las cooperativas de ahorro y crédito y otras cooperativas financieras en todo el mundo a fin de facultar a las personas para que mejoren su calidad de vida a través del acceso a servicios financieros asequibles y de alta calidad. El Consejo Mundial realiza esfuerzos de defensa activa en representación del sistema global de las cooperativas de ahorro y crédito ante organizaciones internacionales y trabaja con gobiernos nacionales para mejorar la legislación y la regulación. Sus programas de asistencia técnica introducen nuevas herramientas y tecnologías para fortalecer el desempeño financiero de las cooperativas de ahorro y crédito y profundizar su alcance comunitario.

El Consejo Mundial ha implementado 290 programas de asistencia técnica en 71 países. A nivel mundial, 51,000 cooperativas de ahorro y crédito en 100 países atienden a 196 millones de personas. Obtenga más información sobre el impacto global del Consejo Mundial en www.woccu.org.