Banks face allegation of under reporting cyber-crime

Tyrie made his comments following a Treasury Select Committee hearing into cybercrime and fraud held as part of its inquiry into the ‘Treatment of Financial Services Consumers’.The Committee heard evidence from Dr Richard Clayton, a senior researcher in security economics at the University of Cambridge, who said that banks are reluctant to report the true extent of cybercrime for fear of spooking customers.

He told the Committee that “insider” accounts of fraud losses are double the numbers generally reported publicly. In a statement following the hearing, Tyrie said that he would raise the issue with banks and regulators.

“The Committee today heard that the amount of fraud reported by banks may substantially understate the true scale of the problem. This is concerning,” he said. “I will be writing to the banks and regulators to obtain a fuller picture on this issue.”

In July 2013, a Home Affairs Committee report on e-crime accused British banks of letting cyber-crooks carry out crime in a ‘black hole’ of impunity by failing to report or investigate fraud.

The policy in Europe is different. In many countries banks must report cyber incidents and under-reporting is illegal.

The forthcoming EU General Data Protection Regulation, will take it even further: a massive data breach will be fined heavily -up to 5% of global turnover or €100m for global companies.

In that environment bankers will report – or go to jail.

The logic behind this is that transparency helps others improve. More developments will be reported here on this website in the coming months.