The Central Bank from October 2023 will receive more information on fraudulent transactions
Information Security Department Interaction and Response Center Bank of Russia (FinCERT), on the site of which all banks exchange, including data on fraudulent transactions, will receive from them additional information about the participants in these transfers, and not only about the final recipient of the stolen funds. On this subject reported in the publication of the Central Bank (Central Bank of the Russian Federation).
The new version of the standard for information exchange rules on cyberattacks and information security incidents in the financial sector will come into force on October 1, 2023. The changes have been made to comply with the law on the exchange of data between the Central Bank of the Russian Federation and the Ministry of Internal Affairs.
Associated materials:
The updated document will allow banks to provide information on fraudulent transactions based on more than 50 unique characteristics. In particular, cases will be considered suspicious when a customer uses Internet banking at the same time from different locations, or establishes a previously approved loan immediately after restoring access to Internet banking, which was previously blocked in due to incorrect data entry during authorization. Banks will also be attentive to atypical transactions for a customer from new devices. When sending information about suspicious transactions to FinCERT, banks transfer their list and all data – model, manufacturer, SIM card number, geolocation and other parameters.
Information on cyberattacks and personal data leaks will be provided as detailed as possible in accordance with the international intruder action classification system. Additionally, FinCERT standardizes the data exchange mechanism, simplifying the interaction between departments and banks. Director of the Information Security Department of the Bank of Russia Vadim Uvarov noted that the new version of the rules has been prepared taking into account the current methods of cyber fraudsters, and by increasing the volume and improving the quality of information entering the automated system, banks will be able to better cope with fraudulent transfers.
In March, the Central Bank informedthan the number of cases of theft of money from bank accounts in Russia in 2022 decreased for the first time in seven years and amounted to 877 thousand. The total volume of losses in branchless banking amounted to 9.3 billion rubles. In addition, the regulator warned that fraudsters have become more active in the use of social networks and mobile applications.