We have developed a list of recommended processes and controls to assist banks in reducing the risks of Corporate Account Takeovers. The recommended processes and controls are structured under the Protect, Detect, and Respond framework developed by the United States Secret Service, the FBI, the Internet Crime Complaint Center (IC3), and the Financial Services Information Sharing and Analysis Center (FS-ISAC). We expanded upon these processes and controls using in part the contributions from leading IT Security and Audit firms that serve the community banking industry. Subsequently, a set of Best Practices has been compiled for each of the recommended processes and controls. These Best Practices are not an all-inclusive list and are provided as guidance to assist in implementing the recommended processes and controls to reduce the risk of Corporate Account Takeover theft.
Best Practices for Reducing the Risks of Corporate Account Takeovers