Investing the Secure Way

• By Ralph C. Jensen
• Jan 01, 2009

At the 2007 Financial Symposium held in Europe, Sir Chris Fox, former president of the Association of Chief Police Officers in the United Kingdom, focused his remarks on the strategic and corporate responsibility of partnerships for security in the finance and banking sector. His comments of yesteryear couldn’t have been more appropriate for today’s banking and financial institution leadership.

Retail and investment banks are facing critical security challenges that hinge on success and failure.

“I believe the world is getting smaller and life is getting faster,” Fox said. “The use of technology and the ease of global travel are making crime in the finance and banking sector more complex.”

Financial crime is international in nature, which makes the fight against the organized criminal difficult when police or financial institutions try to handle a situation by themselves. Partnerships and collaboration between companies, regulators and law enforcement is the only way to proceed.

In November 2008, ADT sponsored a banking and retail forum in Palm Beach, Fla., where industry experts gathered to share their thoughts and proceed with an active plan for financial security. Most of today’s criminals aren’t about walking into a bank branch and yelling, “Stick ‘em up.” The new criminal works with identity theft and fraud, both of which are growing issues, and not just in the financial world.

Preventing identity theft and fraud is almost too easy. Brad Bryant, chief of the violent crimes major offender unit with the FBI, said the easiest means to prevent such crimes is for banks and financial institutions to pool their resources and put credentialing systems in place. He also pointed toward regional coalitions between financial institutions, so banks can inform each other when criminal activity is taking place in a particular area. Bank fraud has become such a high priority with the FBI, Bryant said as many as 200 agents are now working on mortgage frauds.

Speaking of regional coalitions, the first such organization turned five years old in July 2008. ChicagoFIRST has 28 members from the financial services sector in the Chicago area, including banks, securities, futures and options firms. This also includes exchanges and insurance companies.

Expanding its relationship to the federal, state and local level, ChicagoFIRST has been pushing for the development of an interoperable credential system for essential staff in critical infrastructure sectors.

“The development of an effective credential system can expedite business and infrastructure recovery after a disaster, but private sector coordination with regional public sector response agencies is very important,” said Sara E. Alexander, deputy director of ChicagoFIRST. “We are fortunate that local and state authorities in our region are developing credential systems with the goal of becoming interoperable with the system coming on line at the federal level through the Department of Homeland Security.”

ChicagoFIRST also has played a leading role in helping establish and maintain similar organizations nationwide. Twelve such partnerships have formed in the United States, using the same basic ChicagoFIRST model, and several more partnerships are in the process of forming.

In 2006, ChicagoFIRST established RPCfirst, a regional partnership council of these coalitions, to assist with both administrative and operations tasks. A year later, members of RPCfirst held their first meeting with the Treasury Department. Also present were representatives from DHS and leaders from the energy and telecommunications sectors. The importance of this meeting was to introduce federal government officials to these regional coalitions and to familiarize the coalitions with the relevant federal partners.

Several workshops and exercises later, ChicagoFIRST had improved Chicago’s financial community. The exercises tested numerous communication protocols and emergency messaging tools, as well as the sector’s response to major emergency events or a pandemic. They also are engaging other critical infrastructure sectors and government officials in regional planning, all the while supporting the nation’s infrastructure.

Here is where it all ties together so keenly. Various concerned groups, such as the financial sector, can now help and depend upon law enforcement to back them up in case of fraud or even a potential public health emergency. Recent mailings through the postal service to banking institutions revealed white powder in an envelope. Though found to be harmless, what’s to say it might have been otherwise? This not only brought in the FBI, but the U.S. Postal Inspection Service also played a key role in resolving the situation.

Let’s face it, a crisis is no time to be exchanging business cards.

Best practices means that there is no blind eye when it comes to security. Security experts are prepared for an emergency and are set to resume business in case of an emergency or natural disaster.

The trick is to fully understand security through intelligence, assessment and research. Being prepared means developing the right response, knowing what works and properly implementing those solutions.

This article originally appeared in the January 2009 issue of Security Today.