Cyber-enabled fraud is among the highest reported threats to the country’s financial sector, a new government report has revealed.
The Federal Government’s latest risk assessment of Australia’s financial sector and its first risk assessment of the securities and derivatives sector, has revealed how criminals can, and have, exploited the country’s financial system to engage in criminal activity.
Minister for Justice, Michael Keenan, released the Australian Transaction Reports and Analysis Centre’s (AUSTRAC’s) Australia’s securities & derivatives sector: money laundering and terrorism financing risk assessment report in Sydney on 12 July.
Fraud, including cyber-enabled fraud, was by far the highest reported threat to the sector, according to the report, representing around 51 per cent of the suspicious matter reports received by the government, with a significant number of customer email accounts and trading accounts being hacked and, in some cases, money stolen.
Half of the fraud-related suspicious matter reports were enabled by cybercrime, according to AUSTRAC, with the activities revealed in the cyber-related suspicious matter reports predominantly into two broad trends.
The first trend involves email, where a cybercriminal hacks a customer’s email account and sends fraudulent instructions to financial institutions to close out the client’s trading positions or transfer client funds to other accounts or third parties.
This issue could occur with retail and wholesale customers, the report stated.
The second trend involves unauthorised account access, where a cybercriminal hacks a customer’s online trading account and conducts trades, closes out positions or transfers funds to other accounts or third parties.
In some cases this activity was enabled by fraudsters finding out the answers to the customer’s security questions by trawling through the customer’s social media. This generally applies to retail customers only, according to the report.
Overall, reporting entities engaged for the risk assessment report perceived cyber-enabled fraud as a serious issue. Some respondents assessed the threat of cyber-enabled fraud to be increasing – in both the volume and the level of sophistication.
While this climate of seemingly increasing cyber-related crime in the financial sector is likely to provide a greater opening in the sector for security-focused partners to increase business opportunities, the government has also taken steps to address the issues.
In response to these types of criminal threats, in late 2016, the Australian Securities Exchange (ASX) and the Australian Securities and Investments Commission (ASIC) invited the 100 largest ASX-listed companies to participant in a cyber-health check survey.
The ASX also released a public report in April 2017 highlighting the themes that emerged from this data and providing information to help companies take practical steps to improve their cyber security.