Financial firms can juggle up to four different secure email systems and are often only driven to comply with security email policies after an internal audit, according to Swift, the financial messaging network. cooperatively owned by global banks.
While awareness of risk has increased and reached the board room of large financial firms, many financial firms do not have a standard email security messaging system in place with clear policies, Paul Shetler, Head of Interface Applications at Swift told Computerworld UK.
Shetler, who was once vice president head of network technology at Republic National Bank of New York, which has since been acquired by HSBC, said many financial firms can sometimes be left to manage up to four different secure email systems, in order to communicate with other banks and firms that use proprietary systems, which leads to an "interoperability nightmare situation".
"There has been no clear standard in the market," he explained. "While there are secure email programmes available, almost all of the existing systems require a large upfront overhead, as well as ongoing costs to train staff, which can be up to £500,000 a year."
Firms often need to share information, such as legal documentation, account details and transaction confirmations, the price and number of transactions, and other contractual data. Shetler said that when two parties want to share this data via email, they weigh up the risks of sharing this on a channel that is difficult to secure, because if this information falls in the hands of a scammer, they could easily perpetuate fraud.
"Considering the number of spamming and phishing attacks, it is important for firms to manage reputational risk. Transactions need to be secured and there needs to be significantly enhanced security," he said. "Almost every organisation will be hit by an internal audit at some point."
Demand from financial firms for a standard and secure method of communication prompted Swift to launch SwiftNet Mail, a secure e-mail product that operates on the IP-based SwiftNet network rather than the internet. Swift currently provides secure, standardised messaging services and interface software to nearly 8,100 financial institutions in 207 countries and territories.
Swift claimed SwiftNet Mail is designed to act as a desktop email system, but uses Swift's IP-based platform SwiftNet to transmit email messages.