Malaysia, represented by CyberSecurity Malaysia, an agency under the Ministry of Communications and Multimedia, has been re-elected as the Chair of the Asia Pacific Computer Emergency Response Team (APCERT). The election took place at the APCERT Annual General Meeting on 29 September 2020.
The APCERT – Asia Pacific Computer Emergency Response Team, was established by leading and national Computer Security Incident Response Teams (CSIRTs) from the economies of the Asia Pacific region to improve cooperation, response and information sharing among CSIRTs in the region. APCERT consists of 33 Operational Members from 23 Economies across the Asia and Pacific region.
Unlike previous annual meetings, this year the event was conducted online due to the COVID 19 pandemic and hosted by the APCERT Secretariat, Japan Computer Emergency Response Team/ Coordination Centre. This event is consistent with APCERT’s vision of creating a safer, cleaner and more reliable cyber space within the Asia Pacific Region through global collaboration and trust.
As the Chair, CyberSecurity Malaysia encourages more involvement of the members in moving forward while continuing to lead the APCERT Malware Mitigation Working Group, a collaborative initiative among the APCERT and OIC countries to expand malware research, analysis and response to protect the community against malware threats.
“This is another milestone for CyberSecurity Malaysia in recognition of its technical expertise, leadership as well as professionalism. As the Chair, we are responsible to provide strategic direction and guidance to maintain the relevancy of APCERT” said General Tan Sri Dato’ Seri Panglima Mohd Azumi Mohamed (Retired), Chairman Board of Directors, CyberSecurity Malaysia.
CyberSecurity Malaysia is the national cyber security specialist and technical agency under the purview of the Ministry of Communications and Multimedia Malaysia (KKMM). CyberSecurity Malaysia provides specialised cyber security services such as: Cyber Security Emergency Services, Security Quality Management Services, InfoSecurity Professional Development and Outreach, and Cyber Security Strategic Engagement and Research.
“CyberSecurity Malaysia will continue to develop and encourage multilateral effort, frameworks, new norms, sharing of information and support a digital order if we are to create a trusted and resilient cyberspace whose future is in the hands of all in the region.”, said the Chairman Board of Directors, CyberSecurity Malaysia.
CyberSecurity Malaysia is one of the co-founders of APCERT back in 2002. This is the third appointment as the Chair (2020 – 2021) after the first appointment in 2007 and second appointment in 2019-2020. The agency remains a steering committee member since its inception and will continue until 2021.
The Vietnamese Ministry of Public Security (MPS) and the Singaporean Ministry of Communications and Information (MCI) held a virtual ministerial meeting on 29 September to discuss bilateral cooperation on cybersecurity.
According to a news report, the Vietnamese side was led by the Minister of Public Security General, To Lam, and the Singaporean delegation was led by the Minister in charge of cybersecurity, S. Iswaran, at the MCI.
Participants had exchanges related to cyber strategy as well as the process of building and completing cybersecurity standards in Vietnam. They also discussed preparations for the 5th edition of the Singapore International Cyber Week 2020 (SICW-5) and the 5th ASEAN Ministerial Conference on Cybersecurity (AMCC-5), scheduled to be held online from Singapore from 5-9 October. MPS Deputy Minister Lieutenant General, Luong Tam Quang, will lead the delegation from the Vietnamese ministry at both the SICW-5 and AMCC-5.
Both sides discussed cybersecurity challenges, specifically, regarding the complex impacts of the COVID-19 epidemic, while sharing information about the cybersecurity situation in each country, helping to boost coordination in handling related cases.
Speaking at the conference, Minister To Lam emphasised that in Vietnam, the application and development of ICT and the internet are growing strongly, contributing to socio-economic development. By the end of January this year, Vietnam had 68.17 million internet users, accounting for 70% of the population. However, the country has been facing risks and challenges from cyberspace.
According to Lam, Vietnam has focused on enhancing its cybersecurity capacity regarding important information systems in national security through the enactment of the Law on Cyber Security in 2018 and by implementing the National Digital Transformation Program by 2025. The aim is to bring the country into the group of the 50 leading countries in e-government on the e-Government Development Index (EGDI), developed by the United Nations (UN).
Additionally, Vietnam has developed codes of conduct on cyberspace based on the 11 principles and voluntary standards established by the UN to contribute to maintaining healthy and safe cyberspace that enables effective information security and safety.
In the field of international cooperation, in 2020, the MPS will preside over the 14th ASEAN Ministerial Meeting on Transnational Crime (AMMTC-14), scheduled for November, and recently the country has actively participated in the 20th ASEAN Senior Officials Meeting on Transnational Crime (SOMTC-20).
In its role, the MPS has identified cybercrime as the main front on which to strengthen coordination with law enforcement agencies from other ASEAN countries, especially Singapore – the host country on cooperation in the prevention and control of cybercrime in the AMMTC mechanism. Vietnam also commits to further promote this work, with the theme “For a cohesive ASEAN against transnational crime” that the MPS has launched.
On the occasion, Minister To Lam also proposed various measures to strengthen cooperation on cybersecurity, information security, cybercrime, and high-tech crime prevention with Singapore. For his part, Minister S. Iswaran agreed with the proposals to promote bilateral cooperation in the field of cybercrime prevention, while affirming a commitment from the government of Singapore to continue to strengthen cooperation with all countries in the region and around the world towards safe cyberspace.
Iswaran also gave recommendations to further strengthen cybersecurity coordination between the two sides as well as in the region during the new normal, including the sending of experts to round table discussions for extensive conversations on boosting cooperation in the field.
The Innovation and ICT Minister on 29 September 2020 announced $1.8 million of funding in the upcoming State Budget for the establishment of the State Government’s new Cyber Security Operations Centre. The new whole-of-government Cyber Security Operations Centre will significantly improve the visibility of cyber threats against agencies’ networks and the Government’s capability to detect and respond to cybersecurity incidents.
The new operations centre will support existing complementary efforts to improve cybersecurity resilience across government. It will also expand and complement the existing dedicated cybersecurity team within the Department of the Premier and Cabinet’s Office of Digital Government.
Staff in the new operations centre will be trained cybersecurity professionals, with the centre also offering further avenues of work and training for cybersecurity TAFE and university students participating in the Office of Digital Government’s work-integrated learning program.
The Office of Digital Government will today open applications for the recruitment of a whole‑of‑government pool of cybersecurity experts. Successful applicants will be placed in the Cyber Security Operations Centre team, another team within the Office of Digital Government’s Cyber Security Unit or in other public sector agencies. To apply, those interested can visit the website.
The Innovation and ICT Minister Dave Kelly stated that the launch of the whole-of-government Cyber Security Operations Centre is a first for Western Australia and the first of its kind in Australia. During COVID-19, the nation saw a rise in malicious cyber activity in terms of frequency, scale, and sophistication. The Government is committed to building the cybersecurity capability within the State Government, the community and industry.
The new operations centre will provide unprecedented visibility of threats against agencies’ networks, as well as improve the State Government’s ability to coordinate and respond to cybersecurity threats against its systems. The Cyber Security Operations Centre will create further jobs and opportunities for cybersecurity professionals in WA.
Calls for improved cybersecurity measures heeded
Recently, OpenGov Asia reported that over the last year, the Australian Cyber Security Centre (ACSC) responded to 2,266 cybersecurity incidents and received 59,806 cybercrime reports, at an average of 164 cybercrime reports per day, or one report every 10 minutes. Of the 2,266 incidents reported, 828 were assessed as being Category 5 (Moderate Incident) with 754 assessed as Category 4 (substantial Incident).
Incidents reported by Commonwealth, state and territory governments accounted for more than a third of all incidents (35.4%). The nation’s critical infrastructure sectors including electricity, water, health, communications, and education represented around 35%of the incidents responded to by the ACSC. Malicious cyber activity against Australia’s national and economic interests is increasing in frequency, scale, and sophistication. Ransomware is one of the most significant threats because of its potential to damage government operations.
Between March 10 and 26, it received more than 45 pandemic-themed cybercrime and cybersecurity incident reports. Australia is comprehensively ramping up its cyber resilience capacities. On 30 June 2020, the Government announced a $1.35 billion Cyber Enhanced Situational Awareness and Response (CESAR) package to boost protection and cyber resilience for all Australians.
Under the Government’s CESAR package, the ACSC will continue working with AFP and ACIC to enhance capabilities to prevent and disrupt cybercrime targeting Australia. CESAR will also provide funding towards enhancing ReportCyber, improving the detection of widespread cybercrime campaigns and enabling the effective sharing of threat intelligence and cybersecurity advice to all Australians.
The Ministry of Information and Communications (MIC) has launched a campaign to review and remove malware nationwide this year. It aims to enhance the country’s network security.
The campaign intends to reduce the malicious code infection rate by 50%. It also aims to cut the number of Vietnamese IP addresses in ten popular botnets – a collection of internet-connected devices infected by malware that allow hackers to control them – in half.
The National Digital Transformation Program, approved by Prime Minister Nguyen Xuan Phuc in early June 2020, notes that ensuring network safety and security is key to digital transformation. All IT equipment, products, software, information systems, and investment projects have mandatory components on network safety and security. The ministry has clarified cyber safety and security as aprerequisite for e-government development and digital transformation.
According to security firms, malware infection in Vietnam has decreased but remains high when compared to other countries. Statistics showed that the country has about 16 million IPv4 addresses, of which about three million IP addresses are regularly blacklisted by many international organisations, while two million IP addresses are regularly found in botnets.
The campaign will allow people to use malware prevention software for free. A representative from the ministry’s Department of Information Security said the campaign is for businesses and home network systems and equipment. The group accounts for most of the IP addresses. The campaign would also contribute to improving the country’s reliability in e-transactions, thus promoting socio-economic development and contribute to ensuring national defence and security.
The department would work with VNPT, Viettel, CMC, FPT, BKAV, and Kaspersky to implement the campaign. The project would assess ten major botnets that need to be treated with priority, build, and deploy tools on a large scale, whereby users get free downloads to inspect and remove malicious code from their computers.
After the campaign, the department will evaluate results and plan future campaigns accordingly. The campaign has been implemented in all provinces and cities from the local to the central level, through specialised IT units of ministries, branches and localities, state groups and corporations, and commercial banks and financial institutions.
Additionally, it has received support from organisations, corporations, and major security firms such as Kaspersky, Group-IB, FireEye, F-Secure, and ESET. The campaign has been implemented gradually. The ministry hopes it will achieve positive results, contributing to clean malware from Vietnam’s cyberspace. This will help ensure safety for transactions of agencies and enterprises, as the country is accelerating digital transformation towards the development of digital government, digital economy, and digital society.
In August this year, the Department of Information Security recorded 517 cyberattacks on information systems (199 phishing cases, 160 deface attacks and 158 malware attacks), falling 0.77% over the previous month. The number of Vietnamese IP addresses in botnet networks is over 2 million, a decrease of 0.03% compared to July. The number of recorded cyberattacks, warnings, and the number of botnet IP addresses showed a slight decrease in the last three months.
The decrease was due to the department continuing to strengthen the recording, warnings, and instructions on information security. However, cyber attackers have still taken advantage of concerns about the pandemic to increase the spread of malicious code. The number of IP botnets compared to the same period last year was still at a high level. To ensure network security, the department will strengthen the monitoring and active scanning of the country’s cyberspace.
The government is planning to create a National Cyber Security Strategy 2020 for a safe, secured, and resilient cyberspace. The National Security Adviser, Ajit Doval, recently announced the project at c0c0n, a two-day virtual international conference on hacking and cybersecurity.
The event was organised by the Kerala Police, the Society for the Policing of Cyberspace, and the Information Security and Research Association. Doval noted that the proposed strategy aims to bring the country’s cybersecurity agencies together to secure, strengthen, and synergise the cybersecurity ecosystem by closely working with businesses and citizens.
According to a news report, he explained that the country witnessed threats to exploit the recent pandemic in the form of misinformation, fake news, and social media campaigns. Data in the cyberspace is a goldmine to extract information, undermine the privacy of citizens, and make India’s critical information infrastructure vulnerable to misuse.
He said that phishing campaigns use the COVID-19 pandemic to target financial, defense, and critical infrastructure. Around 5,000 malicious domains and websites were registered in a short period. There has been a 500% increase in cybercrime, owing to people’s limited awareness and poor cyber hygiene. Financial frauds have also increased tremendously owing to the increased reliance on digital payment platforms.
According to a recent report, e-wallets will continue to play a key role in its growth with the continuous increase in both frequency and user base. By 2025, wallets are expected to have higher penetration and lower-income would eventually drive multiple small-ticket transactions.
Digital payments are expected to grow over three-fold to IN₹ 7,092 trillion (around US$ 96 billion) by 2025, on account of government policies around financial inclusion and the growing digitisation of merchants. Mobile payments will drive around 3.5% of total digital payments by the financial year 2025, up from the current 1%. The total mobile payment users who currently stand at about 162 million would reach around 800 million during this period, the report stated.
The lack of indigenously-developed digital solutions like data-sharing facilities and social media platforms have adversely affected the nation’s self-reliance and cybersecurity, Doval added. He urged start-ups to create solutions in line with the country’s requirements and build capacity to ensure that the critical cyber assets are manned by skillful, native professionals.
IT players in the country should focus on research and development, which could lead to the creation of intellectual properties and development of Indian products, capable of competing globally
In 2019, India released a Digital India Compendium in which it outlined the government’s cybersecurity initiatives. As OpenGov Asia reported, it included the National Cyber Coordination Centre, which generates macroscopic views of cybersecurity breaches and cybersecurity threats in the country. The centre scans the cyberspace in the country at a metadata level and generates near real-time situational awareness.
Furthermore, the country launched the Cyber Swachhta Kendra, which provides free tools and security best practices to citizens. It helps users to safely carry out digital payments and secure their personal computers, broadband routers, and mobile phones.
The centre operates in collaboration with internet service providers (ISPs), antivirus companies, and academia to facilitate productive interactions in terms of guidance and communication between the government and the public. It also provides a free bot removal tool, various security tools, security best practices, and information to users to secure their systems and devices while spreading cybersecurity awareness.
A new make-in-Vietnam tool, provided by the National Cyber Security Monitoring Centre (NCSC), can decrypt and identify ransomware and check for malicious files.
The technology, available on an official website, will help individuals, institutions, and businesses ensure their safety in a cyber environment. A press release stated that recent research found that the number of ransomware attacks in Vietnam has decreased but is still high. The country ranks eighth in the world in the number of ransomware-attacked computers. Cybersecurity experts have also repeatedly warned of the appearance of new types of ransomware.
NCSC experts noted that malware and ransomware prevent users from accessing and using the data inside the servers, or computers in general. Attackers will require a ransom from victims in exchange for the right to access the data. However, in many cases, even if the victims pay money, they cannot get back the data.
To help users reduce the risks of ransomware, NCSC has introduced a solution to recognise ransomware. Users can find decryption tools through file extensions or by uploading encrypted files for identification. After finding the results, users should read the instructions for use before downloading and running the tools, the release explained.
The tool for checking malicious files provided by NCSC allows users to check the safety of suspicious files they receive through emails, social networks, or other peripheral devices such as USBs. The tool helps analyse files that are often exploited to carry out attacks such as files with extensions .docx, .xlsx, .pdf, .rar, and .zip (10Mb at maximum).
Users can upload suspicious unknown files or find in NCSC’s database the hashtag codes of the files. After that, the system will analyse the files and provide results on whether the files have malicious code or not.
NCSC experts stated that all the uploaded files will be encrypted after the analyses and erased after a certain time, which ensures users’ privacy. Prior to that, in mid-April, NCSC launched a website that provides technical solutions to help organisations ensure information safety when working remotely.
At that time, on the website, NCSC provided four free tools to support information security: checking botnets, phishing websites, personal account information leaks, and email spoofing attacks. The centre also has documents with the basic requirements of technical features and requirements for configuration settings, offering basic instructions for organisations and individuals working remotely. Based on these requirements, organisations can create plans to ensure safe operations.
The number of ransomware attacks on small and medium businesses’ computers in Southeast Asia decreased from 1.4 million in H1 2019 to 0.5 million in H1 2020.
Recently, the Ministry of Information and Communications (MIC) announced it requested the Prime Minister to clearly define the responsibilities of the heads of mobile network operators that allow ‘trash’ SIM cards to circulate in the market.
The Telecommunications Authority, under MIC, in 2019 told the ministry’s inspectors and local departments to join forces with the police to conduct a large-scale inspection of the management of mobile subscribers across the country in a plan to deal with telecom waste.
Inspectors examined 140 branches belonging to five telcos and telecommunication service points, imposing fines on 12 branches and 21 service points. The inspectors found that the branches and service points sold trash SIM cards with already-declared information of subscribers and already-activated pre-paid mobile services. Users could buy ready-activated SIM cards without having to register or declare their information.
Since June, Viettel, VNPT, and MobiFone, the three largest networks, have stopped selling KITs at authorised agents and revoked the agents’ right to connect subscriber numbers. Instead, they will focus on selling SIM cards and accept subscriber’s information registration at their telecommunication service points.
The Australian Cyber Security Centre (ACSC) annual cyber threat report has shown a marked increase in cyber threats over its 12-month reporting period between 1 July 2019 and 30 June 2020.
Over the last year, the ACSC responded to 2,266 cybersecurity incidents and received 59,806 cybercrime reports, at an average of 164 cybercrime reports per day, or one report every 10 minutes. Of the 2,266 incidents reported, 828 were assessed as being Category 5 (Moderate Incident) with 754 assessed as Category 4 (substantial Incident).
Incidents reported by Commonwealth, state and territory governments accounted for more than a third of all incidents (35.4%). The nation’s critical infrastructure sectors including electricity, water, health, communications and education represented around 35%of the incidents responded to by the ACSC.
Malicious cyber activity against Australia’s national and economic interests is increasing in frequency, scale, and sophistication. Ransomware is one of the most significant threats because of its potential to damage government operations.
Between March 10 and 26, it received more than 45 pandemic-themed cybercrime and cybersecurity incident reports.
“While our cyber adversaries are becoming more adept, the likelihood and severity of cyber-attacks are also increasing due to our growing dependence on new information technology platforms and interconnected devices and systems,” the ACSC says.
Australia is comprehensively ramping up its cyber resilience capacities. On 30 June 2020, the Government announced a $1.35 billion Cyber Enhanced Situational Awareness and Response (CESAR) package to boost protection and cyber resilience for all Australians.
Under the Government’s CESAR package, the ACSC will continue working with AFP and ACIC to enhance capabilities to prevent and disrupt cybercrime targeting Australia.
CESAR will also provide funding towards enhancing ReportCyber, improving the detection of widespread cybercrime campaigns and enabling the effective sharing of threat intelligence and cybersecurity advice to all Australians.
Recently OpenGov Asia reported on the government of New South Wales’ three-year investment of $180 million that aims to broaden the scope of Cyber Security NSW to help protect the state against cyber-crime.
The task force of experts will enhance NSW’s world-class cybersecurity infrastructure. The extra funding will allow the government to quadruple the size of its central cybersecurity team.
Cyber Security NSW will strengthen cyber capability in government agencies while working with emergency management, law enforcement, the private sector and other industries.
The investment into Cyber Security NSW is the first instalment of the $240 million cybersecurity funding announced in June 2020. Cybersecurity is critical in ensuring the NSW Government provides secure, trusted and resilient services. As the NSW Government continues its digital transformation – maintaining and enhancing our cybersecurity capabilities is paramount.
The world has shifted drastically with the pandemic. With its lingering effects, more people are relying on financial technology with its reliable and contactless transactions to meet their needs. The use of Advanced Analytics and AI in fintech has become critical to ease-of-use and security in the context of AML. Usage of AA and AI allows for risk mitigation as well as cost-efficiency; saving investigators’ time in tracking activity that is seen as a potential threat.
The latest OpenGovLive! Virtual Breakfast Insight on 8 September 2020, looked at how financial institutions from Malaysia can apply real-world AI and advanced analytics applications to ensure a world-class integrated banking system that has comprehensive risk management, efficient fraud anticipation and complete regulatory compliance with an eye on bettering customer experience and improving enterprise profitability.
A comprehensive risk assessment and understanding is a must for financial institutions
OpenGov Asia Group Managing Director and Editor-in-Chief, Mohit Sagar, opened the session by observing that the world has become chaotic and the status quo been disrupted.
In these turbulent times, he stressed it is critical to ask key questions: How do we stay ahead of the curve? How do we keep safe? How do we stay compliant?
These questions become more pertinent and urgent when bad actors are evolving rapidly and becoming increasingly sophisticated.
Being compliant is just the first step. Mere check-box implementation could possibly make organisations more vulnerable as it is a broad, general framework.
Ideally, organisations need to have a comprehensive risk assessment and understanding of their organisation and their context – not an easy nor simple undertaking.
Given the complexity and finesse required, it is best to find the right partners to ease through the process of augmenting a corporate’s existing AML system.
Augmenting and not replacing existing AML capabilities is the priority
After Mohit’s introduction, Managing Director, SAS Malaysia, Cheam Tat Inn, explained that his organisation’s analytics solutions have been used across different parts of the banking landscape.
They have been deployed to enable digital transformation, enhance customer experience, improve risk management and strengthen fraud and security intelligence.
He added that the SAS Solutions optimise and enhance existing AML capabilities and not replace them entirely.
Ahmed Drissi, Anti-money Laundering Lead, APAC, SAS, joined Cheam to give weightage to the need for external expertise. He opined that financial companies need to invest in Machine Learning and AI to automate and speed up the onboarding process.
He showed the delegates a graph that depicted clearly how some regional and tier-1 banks had improved their operational efficiency. Expounding on their proposition, he explained that the SAS Solution had several key capabilities:
- Transaction Monitoring
- Customer Risk Rating/Due Diligence
- Customer screening
- Transaction screening
- AML & CTF Investigation
These key capabilities can be applied to an organisation’s existing AML systems to improve and strengthen its ability to combat financial crimes through advanced analytics.
Entity resolution in the context of AML will help in the reconciliation and gathering of normal multiple data and uncover hidden relationships through the analysis in customer’s attributes. This is important to establish a single view of the customer. It will help investigators have a holistic view of a customer.
Ahmed re-emphasised that SAS’s goal is not to replace existing AML capabilities but to optimise and/or augment them as part of segmentation.
Challenges in AML regulation from an HSBC lens
After Ahmed, Lee Ashmore, Global Head of Anti-Money Laundering Technology & Head of Compliance IT-APAC gave a presentation on the challenges on AML regulation through an HSBC perspective.
Lee explained that customer segmentation models can be complex and can take a long time to develop in HSBC.
He shared that there were problems they encounter when a high number of false positives are flagged while using a rule-based TM that needs to be addressed
Lee was of the opinion that it might be difficult to transition from one system to another in their current situation. Fine-tuning systems are time-consuming and thresholds can be severely impacted by market volatility through external events such as COVID-19.
After these insightful presentations, the virtual insight moved into a time of interaction through OpenGov Asia’s polling session.
On the first question asked the delegates where they were in their current AML journey, close to half (44%) said that they have replaced their current AML solution in the previous year.
While discussing answers, a senior executive from a prominent bank in Malaysia shared that they shared their solution about 2 years ago, but are still facing some challenges including false positives, calibrations etc. He also shared that it is an ongoing journey for them, and they are looking to incorporate AI in their AML solution.
Interestingly, in the last session with Singapore-based delegates, for the same question, 62% answered that they were looking for technology that would complement their existing AML solution.
The second poll question asked if the current AML platform/solution provides real-time screening capabilities. Over 48% confirmed their platforms can only screen transactions by batch while 44% said that their AML platform has real-time screening in place.
A delegate reflected that batch screening is appropriate for more complex non- sanction transactions. But for screening sanctions, it should be done real-time. However, ideally, it would be to have a combination of both which is something new to explore.
The third asked about the main challenges that delegates are facing during the AML investigation process. A majority of them (38%) felt the lack of data/insight around customers, accounts and entities is the main problem.
On this one of the delegates shared an interesting reflection. She shared that the major issue is customer information not being updated. When the information is not updated, the risk profiling and mitigation also turns out to be inaccurate. So even when the claims and transactions are not actually high-risk, they seem suspicious.
On the final question on the extent to which organisations are incorporating AI/ML in their risk and compliance programs, half of our audience (50%) voted that they are still evaluating AI and ML before actually incorporating it.
Ahmed shared that it is good to see that majority of organisations were in different stages of their adoption cycle. They have either already adopted it or are evaluating it to understand its benefits. In the same vein, Ahmed brought the session to a closing where he thanked the delegates for the great insights they had all shared.
He closed by reminding them that AI/ML are not plug-and-play solutions that replace current solutions. They augment existing capabilities and strengthen existing systems. Further, SAS has worked hard to create a way of implementing their solution that can be customised to each organisation’s specific requirements and context.
The entire session, with the deep interaction among delegates and experts, led to an intense time of discovery and learning. Advanced Analytics, AI and AML capabilities can be a great tool in strengthening existing systems to combatting financial cybercrime and fraud – activities that may pose high-risk to customers and that can seriously affect an organisation’s credibility.