Tag Archives: Banks

Banks reinforce cyber defenses after global attack

Cables and computers are seen inside a data centre at an office in the heart of the financial district in London, Britain May 15, 2017. REUTERS/Dylan Martinez

By John O’Donnell and Alexander Winning

FRANKFURT/MOSCOW (Reuters) – Banks have tightened their security systems and increased their surveillance after the global cyber assault on individuals and organizations worldwide.

Capitalizing on spying tools believed to have been developed by the U.S. National Security Agency, the “ransomware” attack launched on Friday has infected tens of thousands of computers in 104 countries, putting the financial industry on high alert.

It halted the production lines of a European carmaker and delayed surgical operations in Britain’s National Health Service.

Many suspected infections were of Russian computers. Russia’s central bank said it had recorded harmful software being sent en masse to Russian banks but that the attacks had been unsuccessful.

Sberbank, the country’s biggest lender, said viruses had not got into its systems. The bank said it was nonetheless “on high alert”.

Russia is more vulnerable to attack because organizations there often use outdated technology as an economic slowdown squeezes spending.

Many banks in Europe said they had stepped up efforts to prevent attackers getting through.

One person helping coordinate banks’ response said they were setting up back-up systems for data and introducing security upgrades.

“The banks’ greatest fear is copycat attacks,” said Keith Gross, who chairs the European Banking Federation’s cybersecurity working group. “So they are updating like a wild thing.”

ON GUARD

Germany’s savings banks, the largest and most powerful financial group in the country, received reminders from the group’s information technology company to install updates.

One large British bank said they had drafted people in to work over the weekend, having been subject to a similar attack earlier this year.

A European investment bank said it was accelerating the process of “patching” software following the incident.

Spanish banks La Caixa, Bankinter and Sabadell said they had all taken measures.

“We weren’t attacked but we took preventative measures about the cyber-attack over the whole weekend. There is an emergency committee that is reporting constantly and we have conference calls every eight hours. We can’t drop our guard”, said a Sabadell spokesman.

Banks generally have more robust cyber defenses than other sectors, because of the sensitive nature of their industry and to meet regulatory requirements.

But aging technology and banks’ attractiveness to hackers means they are often targets.

Last year 2.5 million pounds ($3.23 million) was taken from small British lender Tesco Bank. The identity of the culprits remains unknown.

Other UK banks including HSBC and Royal Bank of Scotland have suffered cyber attacks in the past two years that have brought their online services down.

A survey of cyber security and risk experts released last Friday by insurer AIG found the financial services industry had been identified as the most likely to experience a systemic attack.

In the United Kingdom on Monday, the government’s National Cyber Security Centre said it was distributing advice to raise awareness of the threat, including to the financial industry.

Across the globe, regulators took similar steps.

The Hong Kong Securities and Futures Commission issued a circular warning groups to be on alert and take action such as security updates and offline backups.

It instructed firms to “take immediate actions to critically review and assess the effectiveness of their cybersecurity controls”.

India’s IndusInd Bank said on Monday the attack had affected a few systems, but those had been quarantined over the weekend and it had moved quickly to patch its systems.

For the most part, however, banks remained insulated from the cyber attack.

“In the NHS, the technology they are using it out of date,” said Paul Edon of cyber security group Tripwire. “Banks have six to eight levels of defense.”

(Additional reporting by Andres Gonzales, Euan Rocha in Mumbai and Michelle Price in Hong Kong; Writing by John O’Donnell; Editing by Andrew Roche)

New York state cyber security regulation to take effect March 1

projection of man in binary code representing cyber security or cyber attack

By Karen Freifeld and Jim Finkle

NEW YORK/BOSTON (Reuters) – New York state on Thursday announced final regulations requiring banks and insurers to meet minimum cyber-security standards and report breaches to regulators as part of an effort to combat a surge in cyber crime and limit damages to consumers.

The rules, in the works since 2014, followed a series of high-profile data breaches that resulted in losses of hundreds of millions of dollars to U.S. companies, including Target Corp, Home Depot Inc and Anthem Inc .

They lay out unprecedented requirements on steps financial firms must take to protect their networks and customer data from hackers and disclose cyber events to state regulators.

“These strong, first-in-the-nation protections will help ensure this industry has the necessary safeguards in place” to protect businesses and clients “from the serious economic harm caused by these devastating cyber-crimes,” Governor Andrew Cuomo said in a statement.

The state in December delayed implementation of the rules by two months and loosened some requirements after financial firms complained they were onerous and said they would need more time to comply.

The new rules call for banks and insurers to scrutinize security at third-party vendors that provide them goods and services. In 2015, the New York Department of Financial Services found that a third of 40 banks polled did not require outside vendors to notify them of breaches that could compromise data.

The revised rule requires firms to perform risk assessments in order to design a program particular to them, and gives them at least a year-and-a-half to comply with the requirements. The final rule took into account the burden on smaller companies, a spokeswoman for the agency said.

Covered entities must annually certify compliance.

Institutions subject to the regulation include state-chartered banks, as well as foreign banks licensed to operate in the state, along with any insurer that does business in New York.

A task force of U.S. state insurance regulators is also developing a model cyber security law, which individual state legislatures could ultimately choose to adopt.

French central bank chief urges insurers to step up cyber risk coverage

man representing cyber attack

PARIS (Reuters) – France’s central bank governor called on French insurers to enhance cyber risk coverage for their clients, as hack attacks and data privacy laws in Europe spur rising demand.

“With the help of reinsurers, insurers should be able to meet demands of cyber risk coverage, a concern that affects all businesses,” Francois Villeroy de Galhau said during a conference in Paris.

Though growing fast, the European cyber insurance market remains dwarfed by that in the United States, but is likely to expand in the coming years as new EU regulations come into force requiring firms to disclose when they have been the victim of an attack.

Around 28 percent of companies in Europe have been subject to a cyber attack over the past 12 months, but only 13 percent of companies have purchased cyber insurance, Marsh & McLennan Co’s (MMC.N) Marsh broker unit said in a survey, published in October 2016.

The value of global cyber insurance premiums outstanding is estimated by Marsh & McLennan Co’s (MMC.N) Marsh broker unit to be around $3.5 billion with 3 billion coming from the United States, and around $300 million coming from Europe.

“Insurance companies should learn from their own experience … in order to create a more mature market in France and Europe for insurance against cyber risks,” Villeroy added.

(Reporting by Maya Nikolaeva and Myriam Rivet; Editing by Leigh Thomas)

As attacks grow, EU mulls banking stress tests for cyber risks

file graphic of man using a computer representing cyber attacks

By Francesco Guarascio

BRUSSELS (Reuters) – The European Union is considering testing banks’ defenses against cyber attacks, EU officials and sources said, as concerns grow about the industry’s vulnerability to hacking.

Cyber attacks against banks have increased in numbers and sophistication in recent years, with criminals finding new ways to target banks beyond trying to illicitly obtain details of their customers’ online accounts. Last February $81 million was taken from the Bangladesh central bank when hackers broke into its system and gained access to the SWIFT international transactions network.

Global regulators have tightened security requirements for banks after that giant cyber fraud, one of the biggest in history, and in some countries have carried out checks on lenders’ security systems.

But complex cyber attacks have kept rising, as revealed in November by SWIFT in a letter to client banks and by the theft of 2.5 million pounds ($3 million) from Tesco Plc’s banking arm in the first mass hacking of accounts at a Western lender.

Banks “are struggling to demonstrate their ability to cope with the rising threat of intruders gaining unauthorized access to their critical systems and data,” a report of the European Banking Authority (EBA) warned in December.

The next step from European regulators to boost security could be an EU-wide stress test.

The European executive commission is assessing additional initiatives to counter cyber attacks, a commission official told Reuters. “These include cyber-threat information sharing or penetration and resilience testing of systems.”

The European Central Bank announced last year it would set up a database to register incidents of cyber crime at commercial banks in the 19-country euro zone. But exchanges of information among national authorities on cyber incidents remains scant.

The Commission is studying whether EU-wide tests would help step up security, a source at the EU executive said. This would be in addition to controls already carried out by national authorities.

EBA, which is in charge of stress-testing the bloc’s banks, is expected to detail in summer the checks it intends to conduct in the next exercise planned in mid 2018.

EBA tests banks’ capital cushions and can conduct checks on specific issues. Last year it monitored risks caused by fines, as EU lenders faced sanctions from U.S. regulators.

An EBA official said cyber security was on the agency’s radar but no decision had been made on a possible stress test. The body’s chairman, Andrea Enria, has urged EU states to stress-test their financial institutions for cyber risks.

Lloyds Banking Group is working with law enforcement agencies to trace who was behind a cyber attack that caused intermittent outages for customers of its personal banking websites almost two weeks ago, according to a source familiar with the incident. Lloyds said it would not speculate on the cause of the attack. No customers suffered any losses.

BLOCKCHAIN

As European banks keep relying on digital infrastructure that is “rigid and outdated”, according to EBA, regulators are considering new technologies that could boost security.

Blockchain, the technology behind the most successful virtual currency, Bitcoin, is being closely monitored in Brussels “to establish the advantages and possible risks” but also to weigh possible moves to enable blockchain where it is hindered, the Commission source said.

More than 1 billion euros have been invested in blockchain startups, a World Economic Forum report said.

The EU agency for network and information security (ENISA) said in a report last week the technology offered new opportunities and could cut costs, but may also pose new cyber security challenges, mostly caused by its decentralized network.

U.S. jobless claims rise to near three-month high

WASHINGTON, (Reuters) – – The number of Americans filing for unemployment benefits rose to near a three-month high last week, but remained below a level associated with a strong labor market.

Initial claims for state unemployment benefits increased 7,000 to a seasonally adjusted 265,000 for the week ended Oct. 29, the highest level since early August, the Labor Department said on Thursday. Claims for the prior week were unrevised.

It was the 87th consecutive week that claims remained below 300,000, a threshold associated with a healthy labor market.

That is the longest stretch since 1970, when the labor market was much smaller.

Economists polled by Reuters had forecast first-time applications for jobless benefits would be unchanged at 258,000 in the latest week.

The Federal Reserve on Wednesday left interest rates steady but said its monetary policy-setting committee “judges that the case for an increase in the federal funds rate has continued to strengthen.”

The U.S. central bank is widely expected to increase its overnight benchmark interest rate in December, but the decision could depend on the outcome of the Nov. 8 U.S. presidential election.

The tightening of the race between Democratic candidate Hillary Clinton and her Republican rival Donald Trump has rattled financial markets. The Fed raised borrowing costs last December for the first time in nearly a decade.

On Wednesday, the central bank offered a fairly upbeat assessment of the labor market, inflation and the broader economy.

A Labor Department analyst said there were no special factors influencing last week’s data and that no states had been estimated. There was a surge last week in the unadjusted claims for Kentucky, California and Missouri.

The four-week moving average of claims, considered a better measure of labor market trends as it irons out week-to-week volatility, increased 4,750 to 257,750 last week.

The report has no bearing on October’s employment report, which is scheduled for release on Friday, as it falls outside the survey period. According to a Reuters survey of economists, nonfarm payrolls likely increased 175,000 last month after rising 151,000 in September.

The unemployment rate is seen slipping one-tenth of a percentage point to 4.9 percent.

Thursday’s claims report also showed the number of people still receiving benefits after an initial week of aid declined 14,000 to 2.03 million in the week ended Oct. 22, the lowest reading since June 2000.

The four-week average of the so-called continuing claims fell 9,000 to 2.04 million. That was the lowest level since July 2000.

(Reporting by Lucia Mutikani; Editing by Paul Simao)

Tiny German bank breaks taboo by charging rich clients for deposits

Raiffeisenbank Gmund

By Alexander Hübner

FRANKFURT (Reuters) – A small cooperative bank in the Bavarian Alps is breaking a German taboo by charging wealthy clients to deposit their money following the European Central Bank’s shift to negative rates.

Raiffeisenbank Gmund on the idyllic Tegernsee lake, home of wealthy actors and sports stars, will apply a custody charge of 0.4 percent to sight deposit accounts over 100,000 euros ($111,500.00) from September, a board member told Reuters. Such accounts allow depositors to withdraw their money at any time.

Several German banks have passed on the ECB’s negative deposit rate to large commercial customers such as companies and institutional investors, but applying the charge to retail customers has been seen as a step too far.

“We have written to all large depositors and recommended that they think things over. If you don’t create an incentive to change things then things don’t change,” Josef Paul said.

Cooperative direct bank Skatbank has applied negative rates on deposits over 500,000 euros since 2014, while ecological lender GLS bank, also part of the cooperative system, is asking customers for a “solidarity contribution” to help offset negative interest rates.

LAST RESORT

The ECB has resorted to a negative deposit rate to try to encourage banks to lend to stimulate Europe’s economy, which is still suffering from the after-effects of the financial crisis. Banks, meanwhile, are seeking to encourage depositors to shift their cash out deposit accounts into other financial products.

Germany’s cooperative banking association BVR said it did not expect other deposit takers in its network to follow Raiffeisenbank Gmund’s lead.

“We don’t believe retail banking will see widespread application of negative rates in Germany, not least because of the intense competitive situation in the German banking market,” the BVR said.

Even in Gmund, the lion’s share of customers are not affected. Paul’s cooperative bank wrote to less than 140 clients, who together hold 40 million euros in deposits, about the new charge, which has already proved effective.

“Some of the customers we informed have opted for alternative investments and others moved their money to other banks,” Paul said, adding that a widening of the charge to less wealthy customers is not planned.

Raiffeisenbank Gmund is one of the country’s smaller cooperative lenders, with six branches and total assets of just 145 million euros. It has a substantial overhang of deposits, only part of which it manages to recycle as loans.

Bavaria’s GVB cooperative banking association, with 269 member banks, backed Gmund’s position.

“The ECB’s extreme monetary policy is creating considerable costs for all banks,” a GVB spokesman said.

“As a last resort, they also have to look at a means to be reimbursed for the cost of deposits,” he said.

(Writing by Jonathan Gould; Editing by Alexander Smith)

Wall Street predicting a rotten 2016 for U.S. Banks

Goldman Sachs sign is seen above floor of the New York Stock Exchange shortly after the opening bell in the Manhattan borough of New York

By Olivia Oran

(Reuters) – It is only April, but some on Wall Street are already predicting a rotten 2016 for U.S. banks.

Analysts say it has been the worst start to the year since the financial crisis in 2007-2008 and expect poor first-quarter results when reporting begins this week.

Concerns about economic growth in China, the impact of persistently low oil prices on the energy sector, and near-zero interest rates are weighing on capital markets activity as well as loan growth.

Analysts forecast a 20 percent decline on average in earnings from the six biggest U.S. banks, according to Thomson Reuters I/B/E/S data. Some banks, including Goldman Sachs Group Inc, are expected to report the worst results in over ten years.

This spells trouble for the financial sector more broadly, since banks typically generate at least a third of their annual revenue during the first three months of the year.

“What’s concerning people is they’re saying, ‘Is this going to spill over into other quarters?'” Goldman’s lead banking analyst Richard Ramsden said in an interview. “If you do have a significant decline in revenues, there is a limit to how much you can cut costs to keep things in equilibrium.”

Investors will get some insight on Wednesday, when earnings season kicks off with JPMorgan Chase; Co; JPM, the country’s largest bank. That will be followed by Bank of America Corp; and Wells Fargo; WFC; on Thursday, Citigroup Inc; C.N; on Friday, and Morgan Stanley; MSN; and Goldman Sachs Group Inc; on Monday and Tuesday, respectively, in the following week.

Banks have been struggling to generate more revenue for years, while adapting to a panoply of new regulations that have raised the cost of doing business substantially.

The biggest challenge has been fixed-income trading, where heavy capital requirements, new derivatives rules, and restrictions on proprietary trading have made it less profitable, leading most banks to simply shrink the business.

Bank executives have already warned investors to expect major declines across other areas as well.

Citigroup Inc; C.N; CFO John Gerspach said to expect trading revenue more broadly to drop 15 percent versus the first quarter of last year. JPMorgan Chase & Co’s Daniel Pinto said to expect a 25 percent decline in investment banking. Several bank executives have warned about declining quality of energy sector loans.

Global investment banking fees for completed merger and acquisitions, and stock and bond underwriting, totaled $15.6 billion in the first quarter, a 28 percent decline for the year-ago period, according to Thomson Reuters data.

Volatility in stock prices and plunging commodities prices caused trading volume to dry up during most of the quarter. Trading activity picked up slightly in March but was not strong enough to offset declines during the first two months of the year.

Analysts have been lowering first-quarter estimates over the last month in light of business pressures. They now expect JPMorgan to report adjusted earnings of $1.30 per share, Bank of America to report 24 cents per share, Wells Fargo to report 99 cents per share, Citigroup to report $1.11 per share, and Morgan Stanley to report 63 cents per share. Goldman is expected to report $3.00 per share, the lowest first-quarter earnings since before the financial crisis.

Matt Burnell, a Wells Fargo banking analyst, said in a research note Friday that capital markets weakness may extend at least into the second quarter.

Analysts said there may be some loan growth outside of the energy sector, and a small uptick in net interest margins, a measure of loan profitability, but overall, the tone was less-than-optimistic.

“The first quarter is going to be ugly and we don’t think that necessarily gets recovered in the back half of the year,” said Jerry Braakman, chief investment officer of First American Trust, which owns shares of Citigroup, JPMorgan, Wells Fargo and Goldman. “There are a lot of challenges ahead.”

(Reporting by Olivia Oran in New York; editing by Lauren LaCapra)

Largest U.S. Banks $120 Billion Shortfall

A regulatory requirement proposed on Friday by the Federal Reserve will force six of the eight globally systemically important U.S. banks to raise an additional $120 billion in order to comply.  

Bank of America, Bank of New York Mellon, Citigroup, Goldman Sachs Group, JPMorgan Chase, Morgan Stanley, State Street, and Wells Fargo are to follow the requirements aimed at ensuring the banks so they are able to recapitalize without disrupting markets or requiring a government bailout.  

The banks are expected to meet the $120 billion shortfall by issuing debt, a usually more cost-effective way than issuing equity, according to Federal Reserve officials speaking at a background press briefing Friday.

This proposal, along with others has been taken to avoid chaotic bank failures and according to Federal Chair, Janet Yellen, “would substantially reduce the risk to taxpayers and the threat to financial stability stemming from the failure of these firms.”

This requirement is one of a series of rules that have been aimed at reducing risk in the banking system by determining how much debt and equity banks should use to fund themselves.

Some Greek Banks May Close Even With National Bailout

Some of Greece’s larger banks could end up disappearing as a result of the economic collapse taking place in their nation.

European officials confirmed to Reuters that some weaker banks will be taken over by larger rivals in a restructuring of the banking industry.  They estimated that two of the four major banks — National Bank of Greece, Eurobank, Piraeus and Alpha Bank — could end up being absorbed by other banks.

“The Greek economy is in ruins. That means the banks need a restart,” an official told Reuters. “Cyprus could be a role model.  You have a tiny bit of time … you would do restructuring straight away.”

The plan is expected to meet fierce Greek resistance.

The news from the EU officials comes as Greek government officials confirmed they would be extending bank closures and putting a 60-euro limit on ATM withdrawals until Monday because the European Central Bank (ECB) decided not to increase support for Greek banks until a solution is found for the current economic default.

Greek citizens have been attempting to clear out bank accounts and spend their money fearing that their deposits could be seized in a bailout deal.

The EU is facing internal conflict as Germany, the biggest creditor for Greece, is resisting calls to restructure Greece’s debt.

“Greece is in a situation of acute crisis, which needs to be addressed seriously and promptly,” International Monetary Fund chief Christine Lagarde said at the Brookings Institution think-tank in Washington.