Risk Management

Top 6 ATM (Automatic Teller Machine) Personalization Strategy

1. Customization:
Through transaction personalization options, customers can preset their preferences for the types of transactions they want to perform and the information they want to receive, which leads to feelings of personalized relationships and loyalty

2. Brand reinforcement:
ATM screen graphics and messaging can be made consistent with the financial institution’s other marketing channels, reinforcing messages with each ATM transaction

3. Cross-sell opportunities:
One-to-one targeted messaging via an ATM can result in higher response rates than from other marketing channels. Additionally, financial institutions have the opportunity to cross-sell to non-customers who use the financial institution’s ATMs

The PCI DSS (Payment Card Industry - Data Security Standard) cardholder data environment has an aggregated risk based on the subrisk categories of reputation, financial, compliance, and operational.

Reputation Risk
- Risk of PCI DSS non-compliance on your institution’s brand?

Financial Risk
- Risk of the fines from specific credit card issuers (i.e., Visa, MasterCard, and American Express)
- Litigation costs associated with security breach
- Merchant banks will receive fines as a result of a security breach.

Compliance Risk
- Risk of non compliance with PCI DSS
- The fines from specific credit card issuers (i.e., Visa, MasterCard, and American Express)

The mission of the European Network and Information Security Agency (ENISA) is to act as a hub, or clearing house, for information relevant to the information security of the European Union. It came into being following the adoption of Regulation (EC) No 460/2004 of the European Parliament and of the Council on 10 March 2004. Their website (at www.enisa.europa.eu.) states:

As the Agency’s in-house expertise grows, ENISA is helping the European Commission, the Member States and the business community to address, respond and especially to prevent Network and Information Security problems.

in Europe. That being said ENISA was founded on the basis of a number of assumptions, the following being the most important:

Internet Banking Risk Category, Area of Concern and Related Control

I. STRATEGIC
Business Case
1. Strategic Technology Planning
2. Establish Goals and Monitor Performance
3. Conduct Research and Consult with Experts

Internal/External Resources
1. Provide Adequate Training
2. Provide Adequate Support Staff
3. Administration of Software Updates
4. Insurance Coverage (e.g., Fidelity Bond)

Outsourcing Arrangements
1. Perform Due Diligence on Vendors
2. Audit Performance
3. Back-up Arrangements

Download Free BIA Business Impact Analysis Process Template

Financial Impact

- Peak days average volume of dollars processed is greater than 10 million
- Peak days average volume of dollars processed between 2 and 10 million
- Peak days average volume of dollars processed is less than 2 million