National attention for corporate account takeover
Posted on 09/15/2015 at 01:10 PM by John Lande
A topic this blog has frequently discussed was the subject of an NPR national report this morning. In the story, NPR reporter John Ydstie discussed the rules that govern bank liability when an entity, as opposed to an individual, is the victim of cyber theft. This blog has covered this very topic in several posts:
- Make sure your wire transfer agreements are wired properly
- Can your business afford to lose all its money in the bank?
- Targeting Target: Bank seeks a remedy for Target's security related losses
- Stop the bleeding: 'Heartbleed' bug means Facebook, Google and maybe you aren't secure
- 2 Billion Reasons to Worry: Security firm reports Russian crime ring compromised 1.2 billion usernames and passwords
- Too small to care? No bank is too small for cyber-attacks
- Over 100 banks under silent siege
- One less Target: Target settles with consumers harmed by data breach
- No need to wait: Court rules data breach victims do not need to wait for fraud before filing suit
This blog's prior posts show that a bank has the ability to shift liability for fraud losses to business entities. The rules governing business entity loss require proper documentation and that the bank have a commercially reasonably security procedure. However, this is an opportunity for banks to avoid substantial losses that can occur over a short period of time. NPR's story makes clear that shifting liability to an entity for fraud loss may come as a surprise to most business owners. Banks should heed the warning that the NPR story represents and start to have a conversation with their business clients about the risks their accounts face. This will also enhance your bank's security if your consumers are aware of the threats they face and measures they can take to minimize those threats.
The material in this blog is not intended, nor should it be construed or relied upon, as legal advice. Please consult with an attorney if specific legal information is needed.
- John Lande
Categories: Cybersecurity Law, John Lande, Banking Law
Questions, Contact us today.
The material, whether written or oral (including videos) that is posted on the various blogs of Dickinson Bradshaw is not intended, nor should it be construed or relied upon, as legal advice. The opinions expressed in the various blog posting are those of the individual author, they may not reflect the opinions of the firm. Your use of the Dickinson Bradshaw blog postings does NOT create an attorney-client relationship between you and Dickinson, Bradshaw, Fowler & Hagen, P.C. or any of its attorneys. If specific legal information is needed, please retain and consult with an attorney of your own selection.