Protecting the digital transformation achievements of the banking industry in the new normal
Three packages to help businesses with digital transformation | |
Applying technology to develop tourism in the new climate | |
Digital transformation is "key" for sustainable agricultural development |
Security risks and information safety always go hand in hand in the digital transformation process of the banking industry. Photo: Huu Linh |
The risk is getting higher
Major General Nguyen Van Giang, Deputy Director of the Department of Cyber Security and High-Tech Crime Prevention under the Ministry of Public Security, said that in 2021, many cases related to crimes using technology have been detected with a total loss of hundreds of billions of Vietnamese dong.
In addition, through inspections, many cases of insecurity and information safety were detected and handled, and documents and data of banks were leaked, mainly information related to borrowers.
Regarding the cause, Major General Nguyen Van Giang said that while criminals are constantly improving their capabilities and using more sophisticated tricks, the bank's customers still lack self-protection skills in cyberspace, when they are careless, easily deceived, accessing fake websites, providing information to the subject leading to property damage.
In addition, there is a situation where bank employees follow the target of increasing the number of customers without complying with regulations on customer identification and money laundering, leading to the situation that bank accounts, credit cards are rampant, difficult to control, potentially dangerous to be used for illegal activities such as money laundering and terrorist financing. The security of customer information of banks still has loopholes, and there is a situation of illegal buying and selling of customer information.
In addition, the coordination between the police, the State Bank and commercial banks when a case related to payment activities arises is still slow, mainly according to administrative procedures and has not been applied publicly and has not built a process throughout from receiving information, processing information, blocking accounts, verifying, investigating and handling objects.
The legal provisions on anti-money laundering, blocking payment accounts according to the Criminal Procedure Code, exchanging and providing information still have loopholes, omissions, inconsistent with reality, difficult to apply to keep property for the victim.
“When developing these laws, we only focus on the subject who is the legal owner of the payment account, the person who commits the crime, without considering the situations such as the user of the payment account made by others to commit a crime, there is an offense but the accused has not been identified, the payment account does not exist, i.e. it was opened with a false identity document, the current account holder is not the one to be accused," said Major General Nguyen Van Giang.
Meanwhile, from the perspective of an enterprise providing solutions for information security system assessment, penetration testing and monitoring for the banking and financial sector, Phan Trong Quan, Head of Penetration Testing and Evaluation Department at VNPT Cyber Immunity said that Circular 09/2020/TT-NHNN stipulates very clearly about ensuring information security, penetration testing and incident monitoring, however, the application of some banks is only theoretical. Specifically, according to the provisions of Circular 09, banks must periodically evaluate their systems, however, some banks only conduct internal audits and use automatic scanning tools to perform assessments. According to Quan, the use of automatic scanning tools cannot detect all vulnerabilities related to banking operations. In addition, there are some bugs such as the new system being tested but connecting to real data.
Supplement regulations, strengthen preventive measures
Experts say that digital transformation and electronic payments are an inevitable trend. However, with the increased risk of crime using technology and the above problems, the coordination and prevention work of relevant units must also change. Major General Nguyen Van Giang said that, in addition to raising awareness for officials, bank employees and customers, it is necessary to enhance the potential of people and means through training. Especially, invest in building a network security monitoring and operating system to monitor and promptly prevent acts of intrusion and network attacks; deploy a system to prevent targeted attacks, maintain regular assessment of weaknesses, security holes in information technology systems of banks and financial systems.
Major General Nguyen Van Giang also suggested studying, amending and supplementing legal provisions on anti-money laundering such as Decree 102/2012/ND-CP on non-cash payments, Circular 23/2014/ TT-NHNN guiding the opening and use of payment accounts, Circular 19/2016/TT-NHNN regulating bank card activities, especially regulations on delaying transactions, blocking payment accounts, refusing card payments to ensure easy deployment, retaining assets for the State, banks and people.
For banks, Robert Trong Tran, Deputy General Director of Cyber security and Technology Risk Services at Ernst & Young Vietnam Co., Ltd. recommends that meetings on the bank's digital transformation strategy should be with the participation of the information security department. In addition, officers in charge of information security, when presenting to the Board of Directors, need to explain the bank's information security issues and the damage that vulnerabilities can cause.
“They need to thoroughly understand the banking operations and convert technical language into business language so that the board of directors can easily understand the role and influence of information security,” Robert Trong Tran said.
Regarding the situation that banks are afraid to share information about information security incidents, Vu Quoc Khanh, Vice Chairman of the Vietnam Information Security Association, said that banks can participate in the national incident response network and implement incident reporting regulations.
"When participating in this network, banks will be assured of security and the amount of information will only be released to the necessary level, enough to warn other units to take preventive measures," Khanh said.
Related News
New export and business cooperation opportunities from "dual conversion"
10:53 | 23/11/2024 Import-Export
General Department of Customs strengthen discipline in public services
10:00 | 14/11/2024 Customs
Policy adaptation and acceleration of digital transformation in tax and customs management
10:03 | 14/11/2024 Regulations
What do businesses need for digital transformation?
09:20 | 17/11/2024 Headlines
Latest News
Agricultural, forestry and fishery trade surplus value shoots up
10:54 | 23/11/2024 Import-Export
VN's food processing industry struggles to improve quality and value chain integration
15:53 | 22/11/2024 Import-Export
Approach strategy of the seafood industry when implementing UKVFTA
09:26 | 22/11/2024 Import-Export
Mid-November: Vietnam's trade volume matches 2023 total, eyes record-breaking growth
09:25 | 22/11/2024 Import-Export
More News
Vietnamese enterprises facing challenges from cross-border e-commerce platforms
14:32 | 21/11/2024 Import-Export
Vietnam, Malaysia eye new milestone in trade ties
14:29 | 21/11/2024 Import-Export
Shrimp exports surge in 10 months, generating 3.2 billion USD
14:27 | 21/11/2024 Import-Export
Vietnam’s exports to the U.S. near US$100 billion milestone
09:46 | 21/11/2024 Import-Export
From the “abnormal” coffee price, worries about the new crop
09:46 | 21/11/2024 Import-Export
What obstacles limit the market share of Vietnamese goods in the UK?
14:49 | 20/11/2024 Import-Export
Why seafood exports to some Middle Eastern Countries are stalled
14:47 | 20/11/2024 Import-Export
Storm No. 3 destroys profits of many insurance companies
14:45 | 20/11/2024 Import-Export
Vietnam, Malaysia eye golden partnership opportunities in Halal industry
14:44 | 20/11/2024 Import-Export
Your care
Agricultural, forestry and fishery trade surplus value shoots up
10:54 | 23/11/2024 Import-Export
New export and business cooperation opportunities from "dual conversion"
10:53 | 23/11/2024 Import-Export
VN's food processing industry struggles to improve quality and value chain integration
15:53 | 22/11/2024 Import-Export
Approach strategy of the seafood industry when implementing UKVFTA
09:26 | 22/11/2024 Import-Export
Mid-November: Vietnam's trade volume matches 2023 total, eyes record-breaking growth
09:25 | 22/11/2024 Import-Export