Financial Services Sector: Beware of IT Fraud
(Rome, Italy) - Fraud and theft in information
technology is a
large area of concern for any business, but
particularly those in the financial services
sector. Unfortunately, the necessary safeguards
against these crimes are commonly misunderstood
by those outside the IT field. In "Questions to
Ask when Investing in Information Technology,"
one of Tuesday morning's educational break-out
sessions, Kurt Lykins, chief technology officer
for Corporate One Federal Credit Union, outlined
the best systems for keeping vital information
secure while meeting the credit union's diverse
and changing needs.
In addition to Lykins' ten years of experience
with Corporate One, he has volunteered his
technical expertise to WOCCU on several projects,
broadening his understanding of the technical
needs and capabilities in credit unions outside
of the US. His advice encapsulated a large range
of systems, from rudimentary to complex. With the
aid of simple language and diagrams, Lykins
clarified his points in a way that even the
technological novice could understand.
He warned about the dangers of connecting all
computers directly to a central server, citing
the example of a credit union he had worked with
whose system had been tapped into by the creator
of a music downloading site as proof of the
weakness of this model. Instead, he advised the
use of a firewall for maximum protection.
The exchange of credit card information over
Internet is another area fraught with risk.
Besides ensuring one's own system is secure, it
is necessary to verify the legitimacy of the
party with which a transaction is being made.
Lykins gave the example of a hacker who
replicated the website of a major clothing
manufacturer in the early days of online
shopping, changing only one letter in the website
address. The fraudulent website existed for four
months and collected over 30,000 credit card
numbers before it was discovered by authorities.
Sometimes security measures are simple, Lykins
explained. For example, the symbol for a website
that encrypts confidential information is an
unbroken key on Netscape and a padlock on
Internet Explorer. Just by looking at the bottom
corner of the screen it is possible to know if
the information you are sending is secure.
However, as systems grow more advanced, so do the
tactics of exploiters, so it is important to keep
abreast of new security measures and update them
whenever possible. He advised that virus-
preventing software be updated at least once a
Although securing a more complex system
requires greater care, even rudimentary systems
must be monitered. Lykins used the example of a
credit union with only one computer and no
Internet connection. It is still necessary to
ensure that, in the case of a crash, the backup
data is updated and saved. And, whenever
possible, software should be updated.
Lykins stressed the importance of preventative
measures, such as formulating a plan of action in
the event of a security breach. "When a bank is
robbed, managers don't sit around deciding how to
respond," he said. "They have a pre-formed plan
of action. The same is necessary with regards to
IT." In the confusion and panic that always
follows a major malfunction, a clear procedure
will make a big difference in the credit union's
ability to handle the situation quickly and
Other break-out sessions of the day
included "Creating a Culture
for High Performance and High Fulfillment," led
by Eric Klein, president of Dharma Consulting of
the US; "Co-
operative Banks: German and Italian Experiences,"
led by Carlo Barbieri, head of the international
department of ICCREA Holding of Italy and Jochen
Lehnhoff, board member of the Bundesverband
Deutschen Volksbanken und Raiffeisenbanken of
Germany; and "De-Mutualization: Exploring the
Consequences," led by Adrian Coles, director-
general of the Building Societies Association of
the UK and Frank Diekmann, editor of The
Union Journal of the US.
World Council of Credit Unions is the global trade association and development agency for credit unions. World Council promotes the sustainable development of credit unions and other financial cooperatives around the world to empower people through access to high quality and affordable financial services. World Council advocates on behalf of the global credit union system before international organizations and works with national governments to improve legislation and regulation. Its technical assistance programs introduce new tools and technologies to strengthen credit unions' financial performance and increase their outreach.
World Council has implemented more than 290 technical assistance programs in 71 countries. Worldwide, 56,000 credit unions in 101 countries serve 200 million people. Learn more about World Council's impact around the world at www.woccu.org.