We Have a Significant Financial System Risk



  • Banking regulators need to review and plan for issuing banks to handle a massive credit card fraud attack
  • Financial institutions must start working with the intelligence agencies

Remember the “Great Recession?” Led by a trillion dollar loss in collateralized debt obligations, the financial system came dangerously close to collapse. The regulators clearly did not understand the extent of the risk in these securities. Even the managers of the financial institutions did not appear to understand the risks they were taking. 

If you enjoyed that recession, you will love the next one. We have a significant financial system risk that could make the “Great Recession” look minor. 

For years we have heard about security breaches of credit card companies, financial information and email services. The good news is that you do not hear too many accounts of anything being stolen. In other words, if the security breaches were the work of common criminals, you would expect the information to be used quickly, as criminals typically have very short attention spans. 

But that has not happened in mass scale. Most of the stories you hear about credit card fraud still hinge on the capture of information from a specific physical breach and, as expected, these are typically monetized very quickly to act before the breach is detected.

If these huge breaches are not the work of common criminals, they may be state or terrorist sponsored, and if they aren’t now, they could be in the future. These sponsors have an interest in draining as much money as possible, but they may also have a significant interest in disrupting the American financial system.

In 2012, two-thirds of payments made in the United States were made by payment cards. If those transactions could be halted, it would have a devastating effect on the economy. Most everyone has heard of “denial of service attacks,” when hackers drive millions of transactions at a particular site, overwhelming the servers and in effect shutting them down. 

Now consider such an attack using millions of fraudulent credit card transactions. These attacks would drain as much money as they were allowed out of the banks, and the issuing bank would be the hook for losses more than $50 dollars. 

The attacks would overwhelm the security functions of the banks, in effect driving a possible shutdown of the system that handles two-thirds of daily transactions in the United States.

Neither the financial system nor individuals are prepared for a shutdown of the credit card processing network. Most people no longer carry enough cash to make the purchases they normally charge to their cards, so almost a panic would ensue as they rush to try to handle this new financial environment. The resulting effect on the economy, as well as the effect on Americans feelings of security, would be devastating. 

While our security agencies are doing an outstanding job of trying to address these issues and intercept many attacks, they can't do it alone. Two issues must be addressed. First, the banking regulators need to immediately begin reviewing the preparations of issuing banks to handle a massive credit card fraud attack, and ensure that these preparations will work if need be. The banks must have viable plans in place to instantly identify and work their way through such an attack. Second, the financial institutions must actually begin to work with the intelligence agencies in what Director of National Intelligence James Clapper referred to as a "joint effort" to stop cybercrime. This is just one of several possible scenarios for serious financial cyber-attacks, we need the joint effort to prevent whatever scenario may come.

Yogi Berra once said, “The future is hard to predict, because it hasn't happened yet.” These attacks haven't happened yet, but I can predict that it’s only a matter of time and our financial system must act now to ensure that we are protected.

John Highbarger is a lecturer of marketing in the McCombs School of Business at The University of Texas at Austin. 


The views expressed are those of the author and not necessarily The University of Texas at Austin.

About The Author

John Highbarger

Lecturer, Department of Marketing at the McCombs School of Business

John Highbarger joined the faculty of the Marketing Department in 2003, after retiring as Global Managing Partner in the Strategy Practice of...

Leave a comment

We want to hear from you! To keep discussions on-topic and constructive, comments are moderated for relevance and for abusive or profane language.
Login or register to post comments