As cyber-attacks involving the global payment system SWIFT increase in frequency abroad, U.S. regulators are discussing steps designed to protect against similar attacks on U.S. financial institutions. The Federal Reserve, Office of the Comptroller of the Currency and the Federal Deposit Insurance Corp. issued a joint letter last week to Representative Carolyn Maloney (D-NY) of the House Financial Services Community in response to Maloney’s inquiries regarding the February theft of millions of dollars from the central bank of Bangladesh.
In the Bangladesh attack, cyber attackers used stolen operator credentials to submit 35 fraudulent SWIFT transfer requests totaling $951 million. Five of the requests passed, and the criminals made off with $81 million funneled through a web of offshore companies.
In their letter to Maloney, the U.S. regulators said that examiners are now looking more closely at bank links to the SWIFT network and that updated guidance regarding “key controls and risk management practices that should be assessed as part of supervisory oversight” will be issued soon. Maloney responded to the letter with a statement that she is encouraged by the regulators’ efforts, but that she remains “concerned about the potential for future attacks and will be asking for regular updates from our banking regulators.”
Also expressing concern over recent SWIFT attacks, six U.S. senators sent a letter to the White House on Monday, urging President Obama to press other nations at the upcoming September Group of 20 summit to develop a “coordinated strategy to combat cybercrime at critical financial institutions.” The senators highlighted the importance of international collaboration, warning that “Our financial institutions are connected in order to facilitate global commerce, but cyber criminals – whether independent or state-sponsored – imperil this international system in a way few threats have.”