Building cyber resilience: Australian Mutuals' decades-long battle against Cybercrime

In the relentless war against cybercrime, where threats evolve and vulnerabilities persist, financial institutions find themselves navigating a digital Wild West. Unlike the transient Y2K bug scare, this battle has no final victory, requiring constant innovation and resilience. Amidst this turmoil, Australia's customer-owned banks, the mutuals, stand as beacons of unwavering security in the face of an ever-changing digital landscape.

Early awareness and pioneering action

Their vigilance has deep roots, stretching back to the dawn of the digital age. As early as the 1980s, while armed robbers still posed the primary threat, articles in Australian Credit Unions Magazine, like "Computer Abuse in Australia," showcased a predictive awareness of the nascent cyber-threat. While others focused on physical defenses, the mutuals already scanned the horizon for digital dangers.

As the World Wide Web continued to grow in the 90s, and cybercrime headlines grew bolder, the mutuals' response intensified. By the mid-2000s, they were actively building their digital fortifications. 

In 2004, credit union peak body Cuscal contributed financially to the Australian High Tech Crime Centre (AHTCC) initiative.

Connexus magazine reported, “The AHTCC is part of a national plan to fight cybercrime. It is targeting crimes including ‘phishing’ (bogus emails to trick people into revealing personal information), cyber fraud and identity theft”.

In the same article, Adrian Lovney, Cuscal Industry Association General Manager, is quoted as saying, “credit unions recognise the value in responding cooperatively to the challenge of cyber-crime”.

Championing Innovation for Security

A decade ago, Abacus (now COBA) championed innovative solutions like Sophos RED, securing remote access through encrypted VPNs. Their partnership with Australia Post's VeriSign Identity further bolstered defenses, proclaiming, "Here's a way to reduce the ongoing threat of Internet Banking Fraud." This proactive approach continues today.
 

A little over a decade on, where do we sit?
In November 2023, Chief Economic Adviser to COBA Nicki Hutley noted, “the Australian Signals Directorate (ASD) 2022-23 report contains alarming statistics, with 94,000 reports of cybercrime, or a new report every six minutes. Compromised emails and email fraud, together with online banking fraud were the top three cybercrimes. As with personal fraud, the average cost to business rose 14%: $46,000 for small businesses, $97,200 for medium-sized businesses, and $71,600 for large businesses”.

Hutley also notes that COBA is a member of the advisory board to the Australian Competition and Consumer Commission’s (ACCC) National Anti-Scam Centre and that, “customer owned banks have a strong history of collaboration to uplift their defences against cybercrime through COBA’s Financial Crimes team”.

Leadership amidst ongoing threats

Robert Keogh, former CEO of Beyond Bank, echoes this commitment. Having witnessed the rise of cybercrime throughout his 44-year career, he affirms, "as soon as we went down the digital path, it was obvious it was going to be a significant risk." The mutuals, he declares, "have been up for the fight."

Lessons for all financial institutions:

This legacy of proactive vigilance offers valuable lessons for all financial institutions:

• Early awareness matters: embrace emerging threats as opportunities to build robust defenses.

• Collaboration is key: share knowledge, resources, and best practices to strengthen collective defenses.

• Innovation is Indispensable: continuously adapt and adopt new technologies to stay ahead of evolving threats.

The ongoing war against cybercrime is transformed into a testament to resilience and commitment by emulating the foresight and collaborative spirit of Australian mutuals. As financial institutions face an ever-changing digital landscape, the legacy of proactive vigilance from Australian mutuals provides invaluable lessons, guiding them to build responsible, secure enterprises that stand strong against the relentless tide of cyber threats.