Photo = Getty Image Bank Small and medium-sized securities companies are on alert as financial authorities demand that second-tier financial institutions, following banks, upgrade their ‘abnormal transaction detection systems‘ (FDS) to prevent voice phishing. This is because it is expected that system development within the year will be difficult because KOSCOM is used instead of its own computer system. We were forced into a situation where we had to deploy night shift personnel to catch abnormal transactions.
According to the financial investment industry on the 24th, securities companies have been asked by financial authorities to upgrade FDS within this year. As the number of cases where voice phishing damage is transferred from the banking sector to second-tier financial institutions increases, there is a demand for the establishment of a system to prevent this. Currently, securities companies operate their own FDS, but the system needs to be upgraded so that the guidelines (51 rules) prepared by the financial authorities can be applied.
An official in the financial investment industry said, “There is a request (from the authorities) to upgrade FDS to prevent voice phishing and apply it from January 1st of next year,” and added, “CEOs of securities companies and the Financial Supervisory Service have directly signed a related business agreement (MOU).” “I understand that a contract is also scheduled to be signed,” he said.
FDS is a system that blocks signs of abnormal transactions, such as fraudulent payments or sudden large-scale deposits and withdrawals, in advance during financial transactions. In the banking sector, an advanced FDS has already been operated in accordance with the guidelines of the financial authorities since last year. Accordingly, recently, as damage from voice phishing has spread to other industries such as securities firms, there is a demand for the establishment of related systems in second-tier financial institutions as well.
The actual scale of voice phishing damage is increasing regardless of industry. According to data submitted by the Financial Supervisory Service by Min Byeong-deok, a member of the National Assembly’s Political Affairs Committee, the total amount of voice phishing damage incurred in the financial sector (banks and non-banks) in the first half of this year was 127.2 billion won, a 49.1% increase compared to the same period last year (85.3 billion won). Among these, the amount of voice phishing damage incurred in the securities industry increased by nearly 19% to 1.9 billion won.
It is expected that if securities companies operate an advanced FDS starting next year, standards for sharing responsibility for non-face-to-face financial accidents will also be applied. Currently, this system applies only to the banking sector. The goal is to compensate up to 50% of damages for voice phishing damage based on the financial company’s prevention efforts and the customer’s negligence.
The problem is that voice phishing damage occurs not only in the banking sector but also in connection with second-tier financial institutions. However, it is pointed out that this system only applies to the banking sector, making it difficult to clearly determine where responsibility lies. For example, the explanation is that there are limitations in determining who is responsible for voice phishing damage that occurred when funds from securities company A’s account were transferred to bank B. Accordingly, the industry observes that the financial authorities are trying to increase the number of compensation cases by introducing this system to other industries.
Small and medium-sized securities firms are expressing their reluctance. Unlike large securities firms that have their own computer development capabilities, they use KOSCOM’s computer systems. However, even if KOSCOM starts computer development right away, it is expected to be completed by March or April next year. Nevertheless, it is known that financial authorities are demanding that the system be operated with an advanced system starting from January next year.
Currently, the Koscom FDS council includes eight companies, including △IBK Investment & Securities, △Daol Investment & Securities, △Sangsang Certificates, △BNK Investment & Securities, △Hanyang Securities, △Bukook Securities, and △Cape Investment & Securities. A Koscom official said, “We currently have our own FDS system, but we need to work on further upgrading it. We need a development period, including receiving consulting (for computer development), and we expect it to be completed around April next year.” said.
Given this situation, some securities companies are seeking temporary measures, such as deploying workers at night to directly detect abnormal transactions such as account opening or non-face-to-face deposits and withdrawals. In particular, there are concerns that additional manpower will be needed to confirm abnormal transactions discovered even after the system is developed and to communicate with customers whose accounts have been suspended, which will inevitably increase the cost burden.
An executive at a securities company said, “The banking sector has advanced FDS and tight security, so voice phishers are increasingly targeting credit unions, Saemaeul Geumgo, and securities companies,” adding, “Additional employees will be hired at night until Koscom’s computer development is completed.” “It may be necessary to detect abnormal transactions or notify customers in advance and prevent account opening or deposits and withdrawals in the late evening,” he said.
Go Jeong-sam, Hankyung.com reporter jsk@hankyung.com