The U.S. Treasury Department's plan to collect more details about cyberattacks on financial institutions in suspicious activity reports may impose new monitoring requirements on compliance professionals, say sources.
Financial institutions remain reluctant to share private data on clients and transactions with each other despite existing legal protections out of fear that they might nevertheless expose themselves to civil or criminal liability, according to sources.
The world's largest banks are increasingly devoting resources to guarding their infrastructure against large-scale cyberattacks, and installing new controls to prevent hackers from generating fraudulent payment messages to steal from them.
A handful of financial institutions looking to improve how they manage their compliance risks are venturing beyond conventional transaction-monitoring processes to analyzing the totality of their interactions with clients, according to senior compliance professionals.
A U.S. Treasury Department advisory instructing financial institutions to more frequently and thoroughly investigate, report and exchange data on cyberattacks against them could inform a new category of regulatory penalties, say sources.
Once a bogeyman for anti-money laundering compliance departments, the technology underlying virtual currency platforms may one day be among the most important tools to identifying financial crime, industry experts say.
Bank compliance departments continue to underreport Internet Protocol and e-mail addresses in their regulatory filings to the U.S. Treasury Department despite repeated requests for such disclosures from federal officials.