Skip to main content
MENU
Subscribe
  • Subscribe
  • Account
  • LOGIN
  • Topics
    • Alternatives
    • Consultants
    • Coronavirus
    • Courts
    • Defined Contribution
    • ESG
    • ETFs
    • Hedge Funds
    • Industry Voices
    • Investing
    • Money Management
    • Opinion
    • Partner Content
    • Pension Funds
    • Private Equity
    • Real Estate
    • Russia-Ukraine War
    • SECURE Act 2.0
    • Special Reports
    • White Papers
  • Rankings & Awards
    • 1,000 Largest Retirement Plans
    • Top-Performing Managers
    • Largest Money Managers
    • DC Money Managers
    • DC Record Keepers
    • Largest Hedge Fund Managers
    • World's Largest Retirement Funds
    • Best Places to Work in Money Management
    • Excellence & Innovation Awards
    • Eddy Awards
  • ETFs
    • Latest ETF News
    • Fund Screener
    • Education Center
    • Equities
    • Fixed Income
    • Commodities
    • Actively Managed
    • Alternatives
    • ESG Rated
  • ESG
    • Latest ESG News
    • The Institutional Investor’s Guide to ESG Investing
    • Climate Change: The Inescapable Opportunity
    • Impact Investing
    • 2022 ESG Investing Conference
    • ESG Rated ETFs
  • Defined Contribution
    • Latest DC News
    • DC Money Manager Rankings
    • DC Record Keeper Rankings
    • Innovations in DC
    • Trends in DC: Focus on Retirement Income
    • 2022 Defined Contribution East Conference
    • 2022 DC Investment Lineup Conference
  • Searches & Hires
    • Latest Searches & Hires News
    • Searches & Hires Database
    • RFPs
  • Performance Data
    • P&I Research Center
    • Earnings Tracker
    • Endowment Returns Tracker
    • Corporate Pension Contribution Tracker
    • Pension Fund Returns Tracker
    • Pension Risk Transfer Database
    • Future of Investments Research Series
    • Charts & Infographics
    • Polls
  • Careers
  • Events
    • View All Conferences
    • View All Webinars
    • 2022 Innovation Investing Conference
    • 2022 Defined Contribution East Conference
    • 2022 ESG Investing Conference
    • 2022 DC Investment Lineup Conference
    • 2022 Alternatives Investing Conference
Breadcrumb
  1. Home
  2. Print
November 13, 1995 12:00 AM

RISK FROM HACKERS SMALL;INSIDERS POSE THE GREATEST THREAT TO CUSTODIAL SECURITY

Fred Williams
  • Tweet
  • Share
  • Share
  • Email
  • More
    Reprints Print

    Bank custodial accounts could be penetrated by skilled computer hackers, although the likelihood is remote, consultants say.

    And, some pension executives are concerned that outsiders could set up a bogus account and trick a pension fund's computers into sending automatic deposits into the account.

    Concern about bank security measures has increased following recent press reports that hackers got into Citicorp's corporate cash management accounts. Indeed, pension executives increasingly are asking their bank representatives about the banks' security systems and procedural safeguards.

    Executives at major custodial banks are reluctant to discuss their computerized account security systems for fear of encouraging hackers to test their skills against bank security. Still, most believe it is next to impossible for outsiders to gain unauthorized access to customer accounts and transfer funds without help from inside the bank.

    "I'd think that (gaining access to custodial accounts) could be done," said a computer specialist at a consulting firm, who didn't want to be identified.

    He said it "may be easier" to mess with custodial accounts than cash management accounts - because cash accounts are reconciled daily while many custodial accounts are reconciled on a monthly basis.

    "But you would be caught," he said. "You might be able to do it, but it is a very difficult process. It would take inside help to provide information about security. If you tried through trial and error .*.*. you can only dial in so many times without being kicked off the system."

    But, "if the person is familiar with the security scheme of the bank and has specialized knowledge of how to get into the system via phone lines, they may try to download the password files and run a program to decode and crack the system."

    "In some cases," he said, "you can generate a program called 'spoofing,' which looks like legitimate access, which makes the main computer believe you are a high-security customer. Strictly speaking, while it is difficult to do, all systems are penetrable ultimately."

    Some pension funds have systems to prevent fraudulent transactions.

    James O. Woods, executive director of the Louisiana State Employees' Retirement System, Baton Rouge, said his fund restricts access to the fund's computer system to "a few" insiders and changes its access codes every six weeks. In addition, he said, there is no outside telephone dial-in access to the system.

    He said the fund, which distributes $260 million in benefit payments annually, is evaluating a system that would allow participants to use a program to provide them with information on their pension benefits.

    "But we will be very careful to restrict access, and there will be no direct dial-in access to the system," he said.

    Trust bankers and pension consultants say preventing illegal access to customer accounts is a matter of constant surveillance, preventing outside dial-in access and following established security procedures, including encryption, call-back procedures and restricted access.

    "There is no truly fail-safe security system," conceded a master trust bank spokesman who wouldn't be identified. "Nothing is impossible, but most major master trust banks are as close to it (fail-safe) as we can get."

    Richard Bort, president of Richard Bort & Associates, a Sherman Oaks, Calif., treasury management consultant, said that while it is extremely difficult for outsiders acting alone to gain unauthorized access to customer bank accounts, collusion from inside the bank makes such access much easier.

    "As far as data security, you can keep out hackers to some extent. But if you have two people well placed and one of them is inside the bank, it would be difficult to prevent and it could be the sky is the limit," he said.

    Mr. Bort said there is no reason for excessive concern, as long as clients and banks observe proper account monitoring and perform "appropriate due diligence."

    One of the best security systems available is the call-back system, but it must be rigorously and properly used. With a call-back system, an authorized bank client calls the bank and hangs up the phone. The bank, using confidential access codes and a series of passwords, calls the client back to verify the identity of the caller before access is granted to an account.

    And despite consultants' claims that custodial accounts are reconciled only monthly, some bank executives say the accounts are reconciled daily, with an audited report prepared monthly.

    "Funds and transactions are reconciled daily; information is available for clients daily," said the mast trust bank spokesman.

    "They can get a very good feel for their accounts on a daily basis."

    He also noted the bank uses data encryption and other safeguards he declined to divulge.

    "In order to move securities from an account, we need authorization from the money managers, then we have our compliance people involved also. (An outsider) could probably get in and view the portfolio, but in terms of moving anything out, it's virtually impossible."

    George C. White, president of White Papers Inc., a Montclair, N.J., electronic funds transfer consultant, said he doubts outsiders could gain unauthorized access to custodial accounts without inside assistance.

    "I don't find the banks fearful in this area," said Mr. White. "They are more concerned about losses suffered in bad real estate loans."

    Recommended for You
    Read the print edition of P&I
    Read the print edition of P&I
    How low is low? Projections say it's not low enough
    How low is low? Projections say it's not low enough
    FINRA honors Wharton's Olivia Mitchell with Ketchum Prize
    FINRA honors Wharton's Olivia Mitchell with Ketchum Prize
    Alternatives: Investing Across the Spectrum
    Sponsored Content: Alternatives: Investing Across the Spectrum

    Reader Poll

    May 9, 2022
    SEE MORE POLLS >
    Sponsored
    White Papers
    Are Factors a Thing of the Past?
    Q2 2022 Credit Outlook: Carry On
    Leverage does not equal risk
    Is there a mid-cap gap in your DC plan?
    Out of the Shadows: The Revolution in Shadow Accounting
    The pivotal role of fixed income markets in the ESG revolution
    View More
    Sponsored Content
    Partner Content
    The Industrialization of ESG Investment
    For institutional investors, ETFs can make meeting liquidity needs easier
    Gold: the most effective commodity investment
    2021 Investment Outlook | Investing Beyond the Pandemic: A Reset for Portfolios
    Ten ways retirement plan professionals add value to plan sponsors
    Gold: an efficient hedge
    View More
    E-MAIL NEWSLETTERS

    Sign up and get the best of News delivered straight to your email inbox, free of charge. Choose your news – we will deliver.

    Subscribe Today
    May 9, 2022 page one

    Get access to the news, research and analysis of events affecting the retirement and institutional money management businesses from a worldwide network of reporters and editors.

    Subscribe
    Connect With Us
    • RSS
    • Twitter
    • Facebook
    • LinkedIn

    Our Mission

    To consistently deliver news, research and analysis to the executives who manage the flow of funds in the institutional investment market.

    About Us

    Main Office
    685 Third Avenue
    Tenth Floor
    New York, NY 10017-4036

    Chicago Office
    130 E. Randolph St.
    Suite 3200
    Chicago, IL 60601

    Contact Us

    Careers at Crain

    About Pensions & Investments

     

    Advertising
    • Media Kit
    • P&I Content Solutions
    • P&I Careers | Post a Job
    • Reprints & Permissions
    Resources
    • Subscribe
    • Newsletters
    • FAQ
    • P&I Research Center
    • Site map
    • Staff Directory
    Legal
    • Privacy Policy
    • Terms and Conditions
    • Privacy Request
    Pensions & Investments
    Copyright © 1996-2022. Crain Communications, Inc. All Rights Reserved.
    • Topics
      • Alternatives
      • Consultants
      • Coronavirus
      • Courts
      • Defined Contribution
      • ESG
      • ETFs
      • Hedge Funds
      • Industry Voices
      • Investing
      • Money Management
      • Opinion
      • Partner Content
      • Pension Funds
      • Private Equity
      • Real Estate
      • Russia-Ukraine War
      • SECURE Act 2.0
      • Special Reports
      • White Papers
    • Rankings & Awards
      • 1,000 Largest Retirement Plans
      • Top-Performing Managers
      • Largest Money Managers
      • DC Money Managers
      • DC Record Keepers
      • Largest Hedge Fund Managers
      • World's Largest Retirement Funds
      • Best Places to Work in Money Management
      • Excellence & Innovation Awards
      • Eddy Awards
    • ETFs
      • Latest ETF News
      • Fund Screener
      • Education Center
      • Equities
      • Fixed Income
      • Commodities
      • Actively Managed
      • Alternatives
      • ESG Rated
    • ESG
      • Latest ESG News
      • The Institutional Investor’s Guide to ESG Investing
      • Climate Change: The Inescapable Opportunity
      • Impact Investing
      • 2022 ESG Investing Conference
      • ESG Rated ETFs
    • Defined Contribution
      • Latest DC News
      • DC Money Manager Rankings
      • DC Record Keeper Rankings
      • Innovations in DC
      • Trends in DC: Focus on Retirement Income
      • 2022 Defined Contribution East Conference
      • 2022 DC Investment Lineup Conference
    • Searches & Hires
      • Latest Searches & Hires News
      • Searches & Hires Database
      • RFPs
    • Performance Data
      • P&I Research Center
      • Earnings Tracker
      • Endowment Returns Tracker
      • Corporate Pension Contribution Tracker
      • Pension Fund Returns Tracker
      • Pension Risk Transfer Database
      • Future of Investments Research Series
      • Charts & Infographics
      • Polls
    • Careers
    • Events
      • View All Conferences
      • View All Webinars
      • 2022 Innovation Investing Conference
      • 2022 Defined Contribution East Conference
      • 2022 ESG Investing Conference
      • 2022 DC Investment Lineup Conference
      • 2022 Alternatives Investing Conference