Digital banking (online banking and mobile banking) makes managing your finances easier. We live in an increasingly online world, and digital banking technology allows us to pay bills, deposit checks, and send money from anywhere. Sadly, the past few years have seen a surge in attacks by cybercriminals targeting banking systems to steal data and money from customers.
The Financial Services Arbitration Board recently ruled on two complaints by Bank of Valletta customers alleging that the bank’s negligence contributed to fraud by cybercriminals. Through his decision, the arbitrator introduced an important principle of apportioning fault on the part of banks and their customers in cybercrimes.
One of the main ways criminals target banks is through their customers. They can prey on the naivety and ignorance of people who do not understand the dangers of the digital space and trick them into divulging important information.
A BOV spokesperson told the arbitrator that the bank was “in full compliance with the law and that the responsibility for the grossly negligent fraud rests entirely with the complainant.”
Banks have deep pockets and can seek legal recourse to minimize liability if they are unable to adequately protect customer assets.
Still, a duty of care towards customers is a fundamental principle when professionals deal with a public that does not necessarily understand the intricacies of modern technology. The arbitrator correctly found that the bank needed to do more to effectively comply with its duty of care to its customers.
In today’s society, it is difficult to imagine functioning without smartphones, computers, and internet communication. In this way, our entire lives are contained within a device that fits in the palm of our hands. Thousands of bank customers receive “spoofed” emails and SMS that impersonate their bank’s website using his website similar to the original.
It’s no longer just a matter of preventing cyber attacks. This has become almost impossible. It is important to prepare for a cyberattack and plan your response in advance. Banks must continually deploy new cybersecurity defenses to combat the ever-evolving world of cybercrime.
Bank customers need to be aware of what cyber-attacks look like to prevent these scams from being successful.
That’s why we need to invest more intensively in people’s education. This includes educating customers about the risks of compromising their credentials and what to do if you suspect attempted fraud.
Prompt response is important to prevent damage. However, it is nearly impossible to contact your bank in an emergency, as online help desks are often poorly equipped and bank employees do not provide quick response or guidance. Banks need to invest more in efficient online customer support to help people in need of help in emergencies.
Many banks are now partnering with third-party fintech companies, believing that they can serve their customers more efficiently. However, banks can be hit hard if they partner with third-party vendors with poor cybersecurity. Therefore, if a bank wants to avoid the impact of reputational risk, it must choose its ITC partner with great care.
The most fundamental purpose of cybersecurity in digital banking is to protect customer assets. Especially in a cashless society where more payments and transactions are done online.
At the end of the day, a bank’s duty of care towards its customers must be paramount.