Analytics software companies will tell you their solutions can show almost everything about their customers — and the more data the better.
But senior executives from Canadian financial institutions were warned Thursday that IT alone won’t stop con artists, thieves and possibly terrorists from ruining companies.
People still have to look at the data and spot suspicious behaviour, Dan Soto, chief compliance officer of North Carolina-based Ally Financial, told a customer conference in Toronto put on by business intelligence software company SAS Institute.
“It only takes one customer to bring down an organization” by laundering money, he said, citing scandals in banks in the U.S., Mexico and Russia.
And he admitted that Ally, a SAS customer which needed a US$17 billion bailout from Washington when financial institutions there took a bath, is no exception to problems. SAS sells business analytic software to major banks and insurance companies.
“While you’re gathering all that customer data one of the things we need to thing about how do we become integrated with what you’re selling to how we make sure we understand who our customer is.”
And to prove his point he showed a Minnesota driver’s licence with a woman’s name and address. The photo on the licence, however, showed a man and a woman. An obvious fake, yet a bank employee accepted it as ID and gave the woman an account.
Soto also noted that every presentation at Thursday’s conference was about how to get customers and watching their transactions, “but true good risk management starts at the forefront — who are these individuals?” he asked.
In an interview later he expanded on his warning, saying “we need to be diligent and not think that technology is going to be the answer for us in ferreting out risk. People still have to look at the information and make decisions.”
“Its not just about buying technology. It’s still about understanding your business, your customers, your processes, who your people are, what their skill sets are in mining risks. Technology should be the enabler that helps you be better at everything from selling to the customer to having more risk management around that customer.”
By coincidence on Sunday he was at a conference where he recalled the U.S. comptroller of currency complained there were “massive failures in technology. IT, which should be in the forefront of risk management, isn’t working. We’re fighting the last war, not the next” because the massive amount of data being collected forces financial institutions to look back into the information they have, not look ahead.
Financial institutions should be thinking about the possible threats from digital currencies like Bitcoin, Soto quoted the official as saying. He also quoted the U.S. deputy attorney general at the some conference complaining that risk management programs of financial institutions not being well-funded. Financial institutions have to integrate risk management into their marketing divisions, Soto said.
Instead governance, risk and compliance software platforms often sit isolated, which doesn’t help find dangerous customers. Compliance and marketing departments often analyze the same customer data, he said. So on behalf of compliance departments, he urged marketers to “let us in with you.”
“I heard a lot today about the uses of technology to sell. But I think really we need to focus technology for to understand our customers and what they’re doing … We have to keep testing and searching for new patterns in banking.”
Growing the Security Analyst
In the fight against cyber bad guys, having smart, skilled good guys is critical. But even as businesses increase their reliance on security analysts, they face a serious workforce shortage as they attempt to find and hire the talent needed. The solution: grow your own. This business white paper coaches IT leaders on how to develop and retain the security analysts they need to keep their business safe.