Crisis in Japan: The Global ImpactSecurity Experts: 'A Wake-up Call for the Rest of the World'
On Tuesday, stocks in the U.S. and Europe took hits, as the impact of Japan's disaster response continues to spread throughout the global financial market. U.S. stock prices fell 2 percent. In Europe, shares in nuclear-related utilities, luxury groups and assurance companies fell 3.5 percent.
Japan, which on March 11 was hit by a 9.0 earthquake that caused a tsunami of catastrophic proportion, has seen its infrastructure rocked. Loss of power and communications pale in comparison to the human casualties and mounting fears of radiation poisoning from stricken nuclear plants. From a financial and business perspective, the losses and pain are spreading, adversely affecting mature global markets on a daily basis.
The global impact has been eye-opening, says Mark Lobel, principal at PricewaterhouseCoopers and a long-time security expert. Global banking institutions and financial services players -- just one piece of the economic puzzle -- could learn a great deal from Japan's disaster response. "There is nobody better prepared for this type of event than the Japanese," Lobel says.
Bank branches in areas destroyed by the earthquake and subsequent tsunami have obviously been closed, says Tom Wills, principal consultant and secure strategies analyst for Javelin Strategy & Research. But the Japanese financial system and payment networks have not been significantly disrupted.
"On a risk management level, this speaks well of the financial-services industry in Japan, which has traditionally given a high priority to doing BCP [business continuity planning] right," Wills says. "Doing it right means not only having fail-over systems to keep the transactions flowing, but regularly drilling staff on how to react in a disaster scenario -- and securing account access and sensitive data such that it can't be readily exploited during the chaos that might follow."
That preparation has paid off. But, as Lobel notes, the events in Japan prove "even the best laid plans only go so far."
Wake-up for the World"This should be a wake-up call for the rest of the world," Lobel says. "We've all got to learn and be prepared for the next major disaster."
As U.S. financial institutions along the West Coast brace for their own disaster recovery in the event of future earthquakes, Lobel says they would be wise to get teams in place to mimic steps the Japanese took. "I would have a team looking at everything," he says.
From a technology standpoint, Japanese corporations and financial institutions have invested comparatively more in fraud prevention and risk mitigation than most global markets, especially the U.S., Lobel says. Investments in disaster-recovery systems, security and business continuity plans have always been a top a top priority in Japan.
Alternatively, according to PwC research, most U.S. businesses and financial-services providers say they lack robust business continuity plans -- plans that ensure strong online authentication for account access and steps for regulatory compliance are maintained during times of disaster. "How do you make sure those controls don't go out the window when there is a disaster?" Lobel asks. "How does a financial institution put controls in place for when this type of disaster is taking place?"
Fraud Schemes AboundWhile the protection of sensitive financial data and systems is critical, as Wills says, the industry cannot underestimate the risk of fraud in the wake of Japan's crisis.
"One of the challenges financial institutions are probably going to see are thousands of orphan accounts from branches in Northern Japan," Lobel says. "That's going to be a problem, and it's likely going to lead to a lot of fraud from stolen [credentials] and other methods that people use to get access to bank accounts of the deceased. Money should be going to legitimate heirs, but how institutions investigate and balance all of that will be a challenge."
Another challenge: corporate fraud. Between 14 percent and 17 percent of Japanese households have insurance, Lobel says. "Insurance fraud will be a big one," he says. "Again, it will relate to stealing identities and then going after the folks who had the insurance to collect on their policies."
And those are just the immediate concerns. Cyber scams, targeting U.S. consumers and others for donations to bogus relief programs, are already surfacing.
"People and corporations want to do the right thing by donating, but how do you know where to go to make a donation to a company that is reputable?" Lobel asks. "It's a play on people's empathy that we always see during disasters."
The role financial institutions play in protecting their commercial and consumer customers, Lobel says, is a tricky one. "It's not the responsibility of the banks to prevent their customers from making donations, or for banks to determine which entities or organizations are legitimate," he says. "But if we look at patterns of fraud and patterns of payment to identify some of these fraudulent entities that seem to be scamming corporations and individuals, we could lessen the blow," and ultimately prevent subsequent losses that result from fraud and identity theft.