Photo of Scott Baird

Scott M. Baird is an associate in the firm's Business Transactions and Finance Groups, where his practice involves all aspects of corporate and securities law, including corporate governance, mergers and acquisitions, private equity and venture capital transactions, joint ventures, finance transactions, and securities law and compliance. He focuses on new legislation as well as regulatory and compliance matters involving financial service institutions. Read his full rc.com bio.

In an effort to combat an increasing number of fraudulent transfers carried out using its network, SWIFT, the international bank transfer network, announced this month that it is adding new tools and controls designed to prevent fraudulent transfers in real time.

SWIFT reported that the new tools integrate into the SWIFT system directly without the need for new hardware or software and allow financial institutions to screen SWIFT message flows according to a set of pre-defined parameters. Suspicious money transfer requests would be immediately flagged and can be reviewed by a financial institution before processing.
Continue Reading SWIFT Shores Up Network Security With Real Time Cybersecurity Tools

Cybersecurity specialists at BAE Systems and Symantec announced last week new evidence suggesting that the criminals behind the notorious 2014 attack on Sony Corp. are also responsible for recent cyber-attacks involving 104 organizations in 31 countries. Researchers and investigators have long attributed the 2014 Sony attack, which crippled computer systems and revealed internal emails, to the North Korea-linked group known as “Lazarus.” Malware recently discovered running on the computers of a Polish bank suggest that the Lazarus group is now targeting global financial institutions using a sophisticated “watering hole” technique.
Continue Reading Sony Cyber-Attackers Lurking at Financial Supervisor “Watering Hole” Target Banks and Others

On January 17, 2017, officials in Farmington, Connecticut disclosed that the town was recently the victim of a multi-million dollar theft likely perpetrated by sophisticated cybercriminals operating in China. The thieves intercepted a $2 million dollar Automated Clearing House (ACH) transfer that was intended as payment to a local company for work on a large town project.

The theft, which serves as a stark reminder to organizations of the need to assess and update their money transfer internal controls, is the latest in a string of cyber fraud schemes exploiting ACH, Society for Worldwide Interbank Financial Telecommunication (SWIFT), and other money transfer systems. Similar thefts of municipal money have been reported in Kansas, Texas, and New Hampshire, and attacks on banks in Ukraine, Bangladesh, and Ecuador have resulted in losses ranging from $10 million to $81 million.
Continue Reading Connecticut Town Struck by Cyber Fraud

The New York Department of Financial Services announced last week that it will revise and delay the effective date of its proposed cybersecurity regulation. The announcement came two days after New York bankers brought up a number of criticisms of the proposed rules at a hearing before the state’s Standing Committee on Banks.

At the hearing, bankers lamented that the proposed regulation will prove too burdensome to implement, particularly for small community banks.
Continue Reading Bank Objections Play Key Role in Delay of New York Cybersecurity Regulation

UK-based Tesco Bank froze online transactions on Monday after discovering that cyber-criminals stole money from 20,000 different customer accounts. The exact method used by the perpetrators is still under review, but preliminary analysis suggests the attackers exploited weaknesses in the bank’s online payment system related to the  processing of debit card transactions. The Bank has

As cyber-attacks involving the global payment system SWIFT increase in frequency abroad, U.S. regulators are discussing steps designed to protect against similar attacks on U.S. financial institutions. The Federal Reserve, Office of the Comptroller of the Currency and the Federal Deposit Insurance Corp. issued a joint letter last week to Representative Carolyn Maloney (D-NY) of

An unnamed bank in Ukraine is the most recent victim in a series of cyber-attacks exploiting vulnerabilities in the international banking communications system. According to an independent IT monitoring organization, hackers stole approximately $10 million by breaking into the Ukrainian bank’s internal network and submitting fraudulent money orders via SWIFT, the messaging system responsible for

In order to better address both the opportunities and risks associated with the innovative use of consumer data by financial institutions, the European Banking Authority (EBA) released a discussion paper last week seeking public comments on the subject.

The EBA notes in the paper that the increasing digitalization of the economy and the adoption of

In an era of cyberwarfare, financial institutions can find themselves in the crossfire. The U.S. government indicted seven Iranian hackers last week, charging the individuals for their roles in a 2011 series of cyber-attacks targeting at least 46 major banking institutions. The attacks, which Attorney General Loretta Lynch called “relentless,” “systematic” and “widespread,” were carried

Long gone are the days when a financial institution’s primary security concern was protecting cash in the bank vault, the Federal Deposit Insurance Corporation (FDIC) acknowledges in its recent article, “A Framework for Cybersecurity,” released February 1, 2016. Instead, the framework asserts that cyber-attacks now represent “one of the most critical challenges facing