“It's a pretty big issue for us,” said
According to Sibears, the typical scenario of a breach involves individuals who hack into the private email accounts of FINRA members' customers, gaining access to the clients' correspondence with the firms. Posing as the customer, Sibears said, the hackers then tell the firm there has been an emergency and seek to move thousands of dollars worth of cash or securities.
Because everything looks legitimate from the firm's perspective, the company wires out the money into an account that the customer had never used, he said. The result, Sibears said, has been a “fair amount of harm” to the firm's customers.
“I think the good news is that firms are generally making customers 100 percent whole … but it's an issue for firms to be focused on,” Sibears added.
FINRA, he said, has sent out letters to firms in an effort “to get our arms around what's happening in this space.” From a compliance standpoint, Sibears explained, the firms wire the money to the hackers either because the customer validation procedures are inadequate or because the firm employees are in a hurry to assist the client.
Not a High Priority for
“From the examination program perspective, [I] can't say it's been a high priority yet, but we definitely understand that the issue's out there,” said Davis, who spoke alongside Sibears. “I think it will probably … be a focus area for the upcoming year.”
Davis advised that firms should keep cybersecurity on their “radar.” The
For state regulators, cybersecurity issues are a top area of focus. According to
“The costs associated with a breach are tremendous,” said Ramge, who also spoke on the panel.
|Copyright:||(c) 2013 Financial Planning. All rights Reserved.|
|Source:||Source Media, Inc.|