CITIC Bank internet banking system is a major loophole

Document Sample
CITIC Bank internet banking system is a major loophole Powered By Docstoc
					CITIC Bank internet banking system is a major loophole
Money stolen bank customers not surprising, but if for technical reasons due to the
client's bank funds stolen, then the problem becomes severe. CITIC Bank
has such a problem arises.
Recently, according to informed sources, around New Year's Day in 2009,
CITIC Bank 9 bizarre stolen customer funds. Later, regulators found that CITIC
Bank's internet banking system, there are significant loopholes that led to
theft of customer funds.
Specific to the CITIC Bank online banking system, what are the loopholes, CITIC
Bank has been closely guarded secret, in subsequent annual reports and mid-year
report of all this no mention.
When approaching another year of New Year's Day, CITIC
Bank's internet banking system is doing to improve the
customer's financial security is guaranteed, has become entwined in the
minds of CITIC bank customers a lingering worry.
A net bank system
Information system for the banks is over the body's nerves and blood
vessels, if there are significant loopholes in the system, the threat of the banks would
be fatal.
In recent years, rapid development of China CITIC Bank online banking. According
to statistics, first half of 2009, CITIC Bank Personal Internet Banking Certificate of
users reached 1,462,600, up 35.89 percent over the previous year; Personal Internet
Banking transactions amounted to 77.482 billion yuan, 3.12 times for the same period
last year.
It is because of the rapid development of Internet banking business, the CBRC also
put into the regulatory perspective of information system security. In 2006, China
Banking Regulatory Commission had already issued "banking financial
institution information systems risk management guidelines", requiring
banks to attach importance to information systems risk management. In June 2009,
China Banking Regulatory Commission under the new changes, revised the document
and re-named "Commercial bank information technology risk management
guidelines," the CBRC supervision of information systems emphasis is
China Banking Regulatory Commission had also been asked to protect the depositors
from the commercial banks interest in information systems development, testing and
maintenance, and service outsourcing process to strengthen the protection of customer
information, prevent disclosure of sensitive information, business continuity
management can be regulated to protect customer data security and continuous
Informed sources, China CITIC Bank 9 customers online bank account theft, but also
occurred in just one or two days, indicating that banks do not have enough weight
CITIC Bank Watch security problem, not to discover the loopholes in the system,
resulting in criminals committed crimes succeed, customer funds suffered losses.
CITIC Bank is carried out after the sheep up in prison? That is, if it occurred in the
case of the loopholes in the system was modified, are now unknown. CITIC Bank did
not give any public explanation.
According to media reports, as early as 2006, the country's first online
banking theft case, once the bank loses final.
Credit management system is functional defects
Personal Internet Banking is not only there are significant loopholes, CITIC
Bank's credit management system is also flawed.
According to sources, the regulators have been identified, CITIC Bank's
credit management system is flawed, there is no identified link to corporate customers
in the credit process set up, can not group customers an effective credit control.
In addition, the credit management system, lack of basic information there, significant
loss of function, the module function does not effectively use the case, affect the
system function of the play.
For banks, credit management system controls nearly all of the credit assets of banks,
each loan in the credit management system platform, examining and approving.
CITIC bank credit management system is flawed, this effect would be systematic, the
bank ten thousand billion loan security to the test.
Because of the credit management system, change is an extremely complex matter,
need to sort out the credit process, and many work more than just look at software
changes. This work is already under way or CITIC Bank is preparing, as China CITIC
Bank did not notice, the reporter is not known. In the most recent annual report and
mid-year report, the CITIC Bank said nothing about the credit management system
deficiencies, but said, "China CITIC Bank to continue to increase
application development efforts; continued refinement of information technology,
professional management; constantly enhance information technology risk
management and control capabilities; start long-term IT planning and information
security planning, to promote the continued support of IT business needs. "