It’s all geek to me: keeping the cyber-wolf out of Wall Street

‘The Wolf on Wall St’ – dubbed ‘Goodfellas without guns’ by some critics – tells the story of how unemployed Wall Street broker Jordan Belfort used an aggressive telephone sales technique and a creative approach with equity research to fuel a rock-star lifestyle at the expense of retail investors. The rise and fall of Belfort’s ‘pump and dump’ brokerage, Stratton Oakmont, in the mid-1990s might seem a somewhat quaint cautionary tale in that Belfort’s main weapon – the phone – has long been outstripped by faster and potentially more harmful cyber-attacks.

Financial crime comes in many shapes and sizes of course, ranging from market abuse and insider dealing to money laundering and terrorist financing. While Belfort – a licenced broker – was exploiting unwary retail investors, the International Compliance Association identifies seven types of financial criminal:

- Organised criminals, including terrorist groups, are increasingly perpetrating large-scale frauds to fund their operations;- Corrupt heads of state may use their position and powers to loot the coffers of their (often impoverished) countries;- Business leaders or senior executives manipulate or misreport financial data in order to misrepresent a company’s true financial position;- Employees from the most senior to the most junior steal company funds and other assets; - From outside the company, fraud can be perpetrated by a customer, supplier, contractor or by a person with no connection to the organisation;- Increasingly, the external fraudster is colluding with an employee to achieve bigger and better results more easily;- Finally, the successful individual criminal, serial or opportunist fraudsters in possession of their proceeds are a further group of people who have committed financial crime.

When one considers all these potential sources of criminal activity and the availability of increasingly sophisticated and hard-to-detect tools with which to commit financial crime, it is no surprise that legislative protection and penalties are getting ever more stringent.

But for banks this means that the risks and costs of protecting themselves and their clients against financial crime are getting higher all the time. According to Reuters, US and European regulators levied record fines on banks in 2013 of US$43 billion. While these fines resulted from a variety of misdemeanours – rate-rigging being primary among them – larger penalties are being slapped on banks that fail to keep up with rules designed to monitor and stamp out financial crime. US regulators levied fines totalling almost US$3 billion against non-US financial institutions in the 13 months to December 2013, largely for non-compliance with US sanctions.

As a result, spending by banks on preventing financial crime is going through the roof. A global survey of financial institutions released in December found that half of respondents expected to increase investment in compliance by 20%, while 45% predicted a similar increase in their investments to handle money laundering and tax compliance, including the US the Foreign Account Tax Compliance Act. The survey, conducted by BAE Systems Applied Intelligence and Operational Risk & Regulation magazine, also found that cyber-crime was the biggest financial crime priority for senior management teams, followed by insider and payment fraud. According BAE Systems Applied Intelligence, “These concerns reflect the high number of breaches of both personally identifiable information and commercially identifiable information at financial institutions and data suppliers over the past year.”

Senior management might have identified cyber-attacks as public enemy number one, but are they confident they can stop them? A poll of 500 public and private sector security experts conducted for PwC’s ‘2013 US State of Cybercrime Survey’ suggests not. Asked ‘do you have a methodology that helps you determine the effectiveness of your organisation’s securities programmes based on clear measures?’, 38% of respondents said ‘no’, while a further 22% were unsure.

The Wolf of Wall Street achieved fame through a hell-raising lifestyle and drug addiction that contributed to his downfall. The threat posed by cyber-wolves will be all the harder to snuff out because of its less conspicuous nature.