Snippet: Who is legally liable when cybercriminals break into a network and steal hundreds of thousands of dollars from a company? If you follow recent court cases, businesses and banks point the finger at one another.

Who is legally liable when cybercriminals break into a network and steal hundreds of thousands of dollars from a company? If you follow recent court cases, businesses and banks point the finger at one another.

How many more lawsuits must be litigated before institutions come to grips with who the real enemy is? It’s not their customers or their members. It’s thieves! Let’s put the focus on preventing fraud and stop litigation with customers – that’s a lose/lose situation. Either financial institutions win the lawsuit and damage their reputation, resulting in lost business, or they lose the lawsuit and face financial losses.

Lose/lose

Missouri-based title company Choice Escrow battled with BancorpSouth after $440,000 went missing from Choice Escrow’s checking account. The loss was due to a phishing attack on one of Choice Escrow’s employees. A battle between the two organizations ensued, and the ruling came down in favor of BancorpSouth. Choice Escrow is now responsible for the loss since they declined certain security measures offered by BancorpSouth.

This latest ruling by the Eighth Circuit Court of Appeals in St. Louis is just one in a long line of lawsuits between financial institutions and their business clients over losses resulting from cybercriminals. In 2012, the First Circuit Court of Appeals in Boston ruled in favor of PATCO Construction in its battle against People’s United, over a $500,000 account takeover incident in 2009. Results paint a confusing picture – sometimes the court sides with the victim of the crime, sometimes the financial institution. There have been many other legal battles where the courts have sided with the financial institution, including cases involving Professional Business Bank, PlainsCapital Bank and Comerica Bank.

Every time a new ruling comes down, we see banks either facing new liability risks, or applauding a ruling that puts their business clients on the hook for fraud losses resulting from hackers penetrating their banking accounts.

Or win/win?

It’s amazing how much time, energy, money and lost customer goodwill financial institutions are willing to throw away, just so they can win the “whose fault was it?” argument. This is particularly bewildering, given that technology is available to protect financial institutions and their business and consumer customers. It prevents account takeovers and phishing attacks in the first place. Today’s technology, featuring out-of-band multi-factor authentication will help protect your institutions and your customers – that’s a win/win!

A win is a great thing and achievable too when financial institutions and their customers work as allies in the fight to thwart cybercriminals.

Subscribe to our blog.


Entersekt editor

Entersekt editor

An avid scowler and violent sharpener of pencils, Editor’s bark is worse than her bite. Every scrap of writing that crosses her desk she treats with the same care she would her own privately published comic verse. Any orphans and misfits, she takes under her wing. After hours, she practices amateur type design and represents her local library in extreme kerning competitions.

Tags

Entersekt Logo

Entersekt is an innovator of customer-centric fintech solutions. Financial services providers and other enterprises rely on our patented mobile identity system to provide both security and the best in convenient new digital experiences to their customers, irrespective of the service channel. With us, they can concentrate on their innovation roadmap, while delivering intuitive, low-friction digital experiences to their customers.