Fast Facts: Student Loans

January 22, 2013
/   Insights

The Financial Services Roundtable recently released another iteration of its Fast Facts, reliable, bullet-point research about issues facing the financial services industry. Topics span TARP, Dodd-Frank, insurance, lending, retirement savings and more.  Below are some updated Fast...

Cause and Effect: If you build it, will they come?

July 23, 2014
/   Spotlight

Many financial institutions assume that digital banking is lucrative because the most valuable customers happen to bank online. While there is certainly a correlation between online bankers and higher profitability, quantitative evidence suggests that...

Intuit 2020 Report: The Future of Financial Services

April 11, 2011
/   Insights

Today, Intuit released the latest edition of the Intuit 2020 report, Intuit 2020 Report: The Future of Financial Services, which identifies and examines four key trend areas that will  transform the financial services industry...

The Top 10 Trends in the Digital Banking Industry

December 18, 2013
/   Spotlight

2014 is rapidly approaching and as the year wraps, the Digital Insight team has pulled together the top 10 trends in the digital banking industry based on data and trends from studying financial institutions....

Small Business: Perception vs. Reality

November 21, 2012
/   Insights

In the most recent election cycle, like most others before it, the one sector of the economy that got the most attention was small business.  This is the future, we were told by every...

Industry Perception, Optical Delusion

January 14, 2013
/   Insights

In Washington, they talk a lot about ‘optics.’ This has nothing to do with regulatory scrutiny, or government mandates on eyeglasses. It has to do with perception—how something looks, the way a particular story...

Financial Literacy Month: How are you celebrating?

March 22, 2013
/   Insights

With April approaching, it’s almost time to kick off Financial Literacy Month! Strongly supported by the United States Congress and the Financial Literacy and Education Commission, Financial Literacy Month aims to promote the importance...

Social Banking: Blessing or Curse?

August 1, 2012
/   Insights

While the topic of Facebook and banking has generated plenty of heat (though not necessarily a lot of light), the debate seems mostly focused on two broad issues: The much-maligned IPO, and the notion...

It’s hard to think of two industries more regulated than healthcare and banking. Launching a business in either arena means ploughing through a plethora of compliance mandates, all designed specifically to protect the customers of each. That’s of course appropriate, but there are odd disconnects at the core of it all.

In both industries, and in most others, technologies are developed, adopted and discarded at lightning speed, and each has a serious impact on routine operations. Regulations, meanwhile, can take years to legislate and implement. That makes for some serious confusion about what’s in compliance, and what’s not. And, the rules are very different for consumers than they are for businesses.

Some of these issues might play out in a low-profile lawsuit before the courts right now. Chelan County Hospital No. 1, part of the Cascade Medical Center in Leavenworth, Wash., is officially suing Bank of America for a cybercrime committed almost two years ago. The case, which was filed last fall, hasn’t received much attention, perhaps because the numbers aren’t particularly big. The scam amounted to ‘unauthorized transfers,’ the lawsuit refers to only three and they amounted just over $1 million. And BofA—which recorded net income of $4.8 billion on revenue of $85.1 billion for 2014—did indeed get back some $400,000 of the money that was stolen.

Krebs on Security, the invaluable blog that is often ahead of the pack on cybercrime, has been on this case since it occurred, and explores the broader ramifications.

Here’s the gist: In April 2013, cybercriminal operatives broke into the accounts of the hospital in question and added nearly 100 ‘money mules’ (individuals recruited to steal and launder stolen cash, even if they sometimes don’t know it) to the payroll. They then initiated those unauthorized transfers. The official complaint states that the county treasurer’s staff spotted the suspicious activity and promptly alerted the bank. A bank representative then reached out to the county’s treasurer’s office to ask if the pending transfer requests were indeed authorized, and was immediately told it wasn’t. However, the bank processed the transfers anyway.

Again, the numbers are, by industry standards, tiny and the entire affair might yet be chalked up to human error or even a bureaucratic stumble. But there are larger issues at play.

First, as the lawsuit makes clear, BofA provided Chelan County and the Taxing Districts with Bank of America software for use in all such processes. It’s not an issue here, but in similar cases this could become relevant with regard to liability.

And also, as mentioned earlier, businesses don’t have the same safety blanket as consumers. For the latter there’s Regulation E, which fundamentally limits potential losses from unauthorized transfers like these. For businesses, meanwhile, going to court is often the only option.

It’s entirely possible that this particular suit will be settled one way or another—with these numbers, legal fees alone could be higher. But it would be wise to consider the larger picture.

It’s not as if large-scale cybercrimes are new—there’s been a slew of them in just the past year, with brands that are household names being victimized (along with their customers). Many of these companies have sustained massive damage to the overall brand, not to mention the bottom line. Some are still digging their way out of the rubble.

That’s messy enough. But when cybercrime causes healthcare and banking to be pitted against other in a courtroom setting, all against the backdrop of extensive regulations governing each industry, the potential for toxicity is even higher.


Insights’s perspective on industry news and trends



Must-read news and insights from financial industry leaders



Compelling voices and contributed content from around the web

James W. Gabberty

Gabberty is a professor of information systems at Pace University in New York City. An alumnus of the Massachusetts Institute of Technology and New York University Polytechnic Institute, he has served as an expert witness in telecommunication and information security at the federal and state levels and holds numerous certifications from SANS & ISACA.

Brad Strothkamp

Marisa Mann

Marisa Mann brings over 15 years of experience in consulting and financial services industries to the Solstice team, working on large scale enterprise initiatives across many technologies, including specializing in the digital space – Internet and mobile. Mann is passionate about mobile and the endless possibilities for the enterprise, delivering business value through strong brand recognition and driving to excellence in the consumer experience. Prior to Solstice, Mann worked at JP Morgan Chase, Diamond Management and Technology Consultants, Washington Mutual, Inc, and Accenture.

Zachary Ehrlich

25-year-old writer, and as a native San Franciscan, I am unreasonably loyal to Bank of America, if only for their superhero-like origin story, involving the 1906 earthquake and Italian fruit vendors.