The resources on this page are available to help you to understand and assess your risk of online fraud and to better understand strategies and solutions that can help you to meet the updated FFIEC guidance expectations.
FFIEC Online Banking Security Readiness Study
This study, conducted in November 2011, reflects what financial institutions are doing - and have already done - to meet the 2012 deadline set forth in the FFIEC Guidance Supplement issued in June 2011. Findings highlight institutions' aggressive effort to conform with the Guidance as well as the surprisingly low level of understanding of the FFIEC's minimum expectations for layered security.
Practical Approach to Customer Education and Layered Security
Greg Schratwieser, CEO and founder of ICI, presents recommendations for educating employees, customers, and members about online banking fraud and how to decrease the risk of being attacked. He also presents what to look for when evaluating and selecting 3rd party solutions as part of your layered security solution.
Layered Security: Understanding, Prioritizing and Implementing the Layers
George Tubin, noted industry expert and former Tower Group analyst, provides practical advice for planning how to implement a layered security program as prescribed by the FFIEC. George will present a framework for categorizing and prioritizing the layers so you know what layers you need, the solutions available in each category, and most importantly, what to do first.
FFIEC Authentication: The Myths and Truths of Anomaly Detection
Terry Austin, Guardian Analytics CEO, and Craig Preiss, CTO and Founder, present what anomaly detection is; how it identifies suspicious activity, compromised accounts, and fraudulent transactions; how to implement and operationalize anomaly detection, and real world examples illustrating operational and fraud prevention success.
FFIEC Guidance is Out - Now What?
George Tubin of TowerGroup reviews the Guidance Supplement and what banks and credit unions can do to meet stepped-up expectations
Guardian Analytics Response to FFIEC Guidance
A summary of the 2011 Supplement to the 2005 FFIEC Online Banking Guidance, plus information on how FraudMAP Online can help financial institutions meet one of the key expectations expressed in the Supplement.
Financial Institutions are At War with a Formidable Enemy
Joseph Menn, Financial Times Technology Writer, Author of Fatal System Error
A description of today's professional fraudsters and the financial backing and industrial policies in place that enable them to invest large amounts to defeat the security you have in place today.
Existing Controls Aren't Enough
Terry Austin, CEO Guardian Analytics
Joseph Menn, Financial Times Technology Writer
Margarete Mucker, VP Remote Services, Star One Credit Union
Relentless attacks through all types of media are resulting in end point protections being breached and authentication, including multi-factor authentication, being defeated.
Best Practices for Building a Holistic Security Strategy
This paper describes a holistic fraud security strategy that uses behavioral analytics to monitor online sessions and account holder activity. A holistic behavior-based strategy looks for suspicious online activity to protect all account holders from the widest array of online fraud threats, with minimal inconvenience and disruption of legitimate online banking activity, and without rules or algorithms to maintain. It can also meet one of the key FFIEC expectations for a layered security program.
The FFIEC now expects institutions to be able to "detect and respond to suspicious activity" as part of a layered security program. Read how we can enable them to meet this key expectation.