When IT Meets Politics

Feb 9 2014   7:26AM GMT

Is “know your customer” the on-line fraudsters’ greatest ally?

Philip Virgo Profile: Philip Virgo

Tags:
Barclays
crime
Data protection
Fraud
kyc
liquidator
Money laundering

The press cover for the use by fraudsters of files from a defunct Barclays subsidiary serves to highlight the counter-productive nature of the “know your customer regulations” which require banks, brokers and “financial advisors” to collect and keep information for supposed consumer protection and anti-money-laundering reasons. The churn rate among brokers and “financial advisors” and the lack of responsibility of liquidators to safeguard (or at least delete) the files on computers they may be selling, as opposed to getting the best price for the creditors, illustrates soem of the consequences. 

The Daily Mail article also reminded me of a conversation after an “awareness” event. I was asked to consider a similar exercise for a silver surfers by an organisation whose high value clients were being targeted by fraudsters who had all the information necessary for  successful impersonations. They did not know if the problem was shared or peculiar to them. It was too commercially sensitive to talk with their competitors and they could find no leak or breach. Was it some-one in their supply chain? Was it a common problem: e.g. a fake “Cruises’Rus” website to harvest the details and preferences of high value silver surfers? They did not subsequently offer to help with funding, so I filed the conversation away. 

Yesterday I was drafting a possible call for reform of the EU approach to Data Protection, Electronic Identities and Information Security. One of the high level recommendations was:


ยท         “Regulation should focus less on what is stored, (given the many requirements of consumer protection regulators and others to retain that which is not required for business purposes) and more on who has access, under what conditions and how that right of access is checked and exercised.”


We should never forget that what is retained for regulatory, not business, reasons is a potential honey pot for fraudsters.

 

      Related articles

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: