News & Resources

Financial services providers must protect ACH cards, other transfers

Nov 27, 2013 Dave King

Financial data has become one of the favorite targets of hackers and other cyber criminals, especially because so many banks, small businesses and public sector organizations have struggled to adequately protect this information. Despite the fact that the federal government, as well as various enforcement and oversight entities, have released new guidance related to payment data security, ACH cards and wire transfers remain at risk.

The cost of breaches continues to rise, and companies need to be more proactive and comprehensive when establishing data security and ID verification methods. By aligning policies with laws and best practices, a firm can avoid the indirect damages of data breaches and identity theft as well, including hurt reputations, lost funds and hindered financial stability.

Not a question of if
SC Magazine recently reported that officials from the American Bankers Association (ABA) believe that the amount of funds lost from cyber attacks has been substantial, and it is not longer a question of if an institution will be attacked, but rather when an incident will occur. Preparations and a close attention to detail are needed to ensure the safety of electronic payments, especially those that are automated such as ACH cards.

Some companies have been lulled into a false sense of security, notably when they automate their accounts payable and receivable activities. However, oversight needs to remain in place and those responsible for conducting risk management must stay alert. According to the news provider, one prominent member of the financial services community spoke to the proliferation of new threats.

"It started out with individuals infecting bank computer networks with viruses, but then we saw the criminal element get involved," Bill Nelson, CEO of Financial Services-Information Sharing Analysis Center, told the source.

SC Magazine added that Nelson was one of the first to point out the dangers of foreign cyber criminals targeting ACH transfers with distributed denial-of-service (DDoS) attacks.

Expert guidance
Sometimes the best ways to obtain working knowledge of payment data security best practices is to communicate with peers in the market, as well as contacting firms that specialize in security. By using a service provider that can adequately mentor decision-makers through the initial implementation and long-term management processes, the business will be more likely to succeed in its pursuit of protection.

Additionally, companies should work to put employees in the accounts payable and receivable departments in touch with experts who can support them in times of need.