The Federal Financial Institutions Examination Council advised financial institutions yesterday afternoon to monitor the risks associated with interbank messaging and wholesale payment networks. Coming just two weeks after a malware attack on the Society for Worldwide Interbank Financial Telecommunication (SWIFT) breached 12 banks. The FFIEC stated “financial institutions should review risk-management practices and controls related to information technology systems and wholesale payment networks, including risk assessment; authentication, authorization and access controls; monitoring and mitigation; fraud detection; and incident response.”
If you haven’t already been assessing this process risk via your ERM program and/or your IT/GRC program, you should. Ensuring you have all the necessary controls in place to mitigate your risk and provide assurances to examiners and stakeholders is critical for such a highly utilized and trusted financial service.