Wednesday, January 1, 2014

Legal Aspects of Security Breaches, Unauthorized Transfers, and Corporate Account Takeovers

Last month, the CEO of BNY Mellon told the American Banker that his bank's greatest single concern is cybersecurity.  We live in an era where a security breach can be devastating to a variety of businesses, whether through a direct loss of funds, civil liability, or massive reputational harm to a brand.

Some of the fastest-developing topics I encounter in my law practice involve security breaches, unauthorized transactions, and corporate account takeovers.  Several weeks ago, I addressed the legal aspects of these issues in a presentation delivered at the North Carolina Bankers Association's Security Summit.  Some of the questions addressed in the presentation included the following:

  • What obligations under federal and North Carolina law do businesses have when there has been a security breach involving customer information?
  • At what point does an incident involving customer information rise to the level of a "security breach" for which the applicable laws require specific responses? 
  • Who must bear the loss when there is an unauthorized transfer of funds in a consumer's bank account?
  • If a company's bank account is compromised (hacked) in a "corporate account takeover" and funds are transferred from the account without authorization, is the bank required to refund the company's money?

I am posting the slides from my presentation here so those who were not able to attend the Security Summit will be able to see the highlights of the talk.*  I hope you find this information helpful.  (Please feel free to share this blog post with others who might benefit from this information.)

The importance of these issues continues to grow, and I intend to speak and write more about these and related topics in the coming days. 

[*As with all of the information I post here on the blog, this is shared for general educational purposes only, and does not constitute legal advice.  I will not be updating this information as the law develops, and I reserve the right to change my position on any issue addressed in these materials in the future.]

No comments:

Post a Comment