Skip to content
BOL Conferences Top Gun 23
Thread Options
#2129227 - 05/04/17 04:55 PM Commercial account highjack-what if?
elebra Offline
100 Club
Joined: Apr 2009
Posts: 106
What if a commercial customer gets a phishing email. Customer opens email. Computer gets highjacked. Online cash management account is compromised. Highjackers transfer out $250,000. Would the bank be protected? What, if any, regs apply?

Return to Top
Deposits and Payments
#2129242 - 05/04/17 05:45 PM Re: Commercial account highjack-what if? elebra
BrianC Offline
Power Poster
BrianC
Joined: Nov 2004
Posts: 6,428
Illinois
This is governed by your state's Uniform Commercial Code and the "reasonable commercial standards" of your online security monitoring and strength of login processes as well as your agreement with the commercial customer. You should have your legal department review your contract and state law as well as review the FFIEC Supplemental Guidance and 2005 FFIEC Guidance on the topic and determine if your authentication and monitoring processes are sufficient.

Regardless of the measures that you have in place, that may not stop your customer from suing you.
_________________________
Sola Gratia, Sola Fides, Sola Scriptura, Solus Christus, Soli Deo Gloria!
www.tcaregs.com

Return to Top

Moderator:  John Burnett