From: TechWeb Business Technology Site

<!-body->Financial institutions are grappling with complex data-integration issues as they aim to comply with the Basel II framework, an international agreement that places specific requirements on how banks compute the risk associated with their assets. U.S. companies have until January 2008 to comply with the framework, but given the amount of work involved, it will be a race to the finish.

Basel II was approved last year by the Bank for International Settlements, the governing body of the world’s central banks. It’s intended to motivate banks to upgrade and improve their risk-management systems, business models, and capital strategies by requiring that regulatory capital-the funds banks must set aside to cover losses from bad loans or other problems-be computed based on the riskiness of a bank’s assets. Central to this approach is letting banks create internal ratings systems for grading loans and other financial instruments and develop advanced measurement approaches for operational risk such as the likelihood of losses caused by unpredictable events.

Click HERE to read complete article

From COMPUTERWORLD.COM

So, you have the best firewall, intrusion-detection and antivirus systems technology has to offer. Yet, despite your Fort Knox approach, you’re still hit with security breaches and the occasional malware du jour. One reason for this may be the lack of motivation by your workers. Unlike owners, they don’t have a direct interest in the success of the company. Or do they? How far are they willing to go to ensure corporate success?

Usually, not very. In fact, in most cases, they don’t put much additional effort into executing their duties—just enough to get the work done and retain their jobs. According to Ken Shaurette, information security solutions manager at MPC Technology Solutions, however, "a too-often overlooked way to improve these attitudes is to include information security in the job descriptions of employees." When your organization makes security awareness and policy compliance mandatory, the apathetic trend can be reversed.

Click HERE to read the complete article…

From BANK INFO SECURITY Web Site:

The Federal Financial Institutions Examination Council (FFIEC) has issued the attached guidance, "Authentication in an Internet Banking Environment." For banks offering Internet-based financial services, the guidance describes enhanced authentication methods that regulators expect banks to use when authenticating the identity of customers using the on-line products and services. Examiners will review this area to determine a financial institution’s progress in complying with this guidance during upcoming examinations. Financial Institutions will be expected to achieve compliance with the guidance no later than….

To read the complete article, CLICK HERE. 

From Bankers Online…

One of the more effective tools used by scam artists in phishing and pharming attacks is the "spoofed" Web site. The look and feel of a legitimate site - often a financial institution’s site, but any Web commerce site will do - is copied, and the customer is fooled into entering information such as an Internet banking username and password, credit card information or other information that a criminal can use to fraudulently use the customer’s account or steal the customer’s identity.

Successful "spoofs" of your Web site can expose your institution to strategic, operational, and reputational risks. They can result in a risk of unintentional release of private customer information, and expose institutions and their customers to financial losses.

Click HERE to read the complete article…