Fed Governor Raskin Warns of Cyber-Attacks On Banks, Urges Focus on Reputational Risk

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Jeff Bater  

Federal Reserve Governor Sarah Bloom Raskin, in a speech Feb. 28, called for a proactive approach towards protecting banks from reputational risk and sounded a warning about an increasing threat from cyber-attacks that she maintains could create customer dissatisfaction and erode consumer confidence.

Raskin, speaking at the 2013 Banking Outlook Conference at the Fed's Atlanta bank, urged regulators to push lenders to pay more attention to reputational risk. She said the current approach to managing such risk is largely reactive rather than proactive.

“Banks and examiners tend to focus their energies on handling the threats to their reputations that have already surfaced,” Raskin said. “This is not risk management; it is crisis management--a reactive approach aimed at limiting the damage.”

“Instead, we should think about a supervisory approach that incentivizes bank managers to sufficiently contemplate, quantify if necessary, and control the factors that affect the level of such risks before they fully emerge in an unmitigated form,” she said.

Raskin suggested banks face further damage to their reputations at the hands of computer hackers. She said cyber-attacks on banks are occurring with increasing frequency, affecting their customers.

“Recently, distributed denial-of-service attacks have caused temporary disruptions of some web services,” Raskin said. “In September, the websites of several large banks were rendered inaccessible for several hours from attacks now attributed to possible foreign state-sponsored hackers.”

She said one of the greatest threats facing not just banks but many businesses and government agencies is hacking--and the possible theft of proprietary data and personal information about customers.

“This cybersecurity threat is increasing at a time when more and more bank customers depend on electronic and mobile banking,” Raskin said. “Workers are using their own laptops and smart phones or working remotely from home computers, and this increases the entry points to the systems that need to be protected.”

“In addition, customers and vendors are linking their systems, enhancing efficiency, but also creating more opportunities for potential intrusions,” she added. “But even beyond the potential theft of data and disruption of service, cyberattacks can represent significant reputational risk because they have the potential to create dissatisfaction among many customers or, even more chilling, total loss of consumer confidence.”


Full text of the speech, which was webcast, is available at http://op.bna.com/bar.nsf/r?Open=jbar-95cpqc.

An archived version of the webcast is available at http://www.ustream.tv/channel/federal-reserve-bank-of-atlanta.