This $38 billion bank has invested a great deal of time and effort into its online security program, continuously conducting risk assessments and making strides to ensure commercial customers stay informed about evolving online-banking risks.
A California judge handed down a 12-year prison sentence to a phisher who stole financial details from more than 38,000 online accountholders. Observers say the sentence signals a changing attitude about the severity of cybercrimes.
Corporate account takeover events are reigniting the debate between banks and their former commercial customers, about everything from fraud liability and the "good faith" standard to commercially reasonable security.
"The FFIEC guidance does a good job of addressing today's and yesterday's threats and suggested techniques, but it is not sufficiently forward-looking," says Gartner's Avivah Litan. "Two years from now, the guidance will be sorely out of date."
The Federal Financial Institutions Examination Council has formally released the long-awaited update to its "Authentication in an Internet Banking Environment" guidance. The new directives take effect January 2012.