Reducing IT Risks in Croatian Banks

USAID supports the Croatian National Bank in their efforts to curb the threat of fraud, hackers and viruses to banks.

In March 2002, the Croatian National Bank (CNB) and the wider public realized how vulnerable commercial banks are to information technology (IT) security flaws.

The chief foreign exchange trader of the fourth largest commercial bank had concealed nearly $100 million in derivative losses over several years.

Moreover, the trader was able to hide these losses because he successfully breached the commercial bank's own internal password security for the IT systems responsible for settling these trades.

The security of IT systems is vital for managing operational risks in banks, and with USAID support, the Croatian National Bank has pioneered the establishment and enforcement of IT security standards in the region.

The Financial Services Volunteer Corps (FSVC), funded by USAID, provided training and technical assistance that enabled the CNB to develop a special group of bank examiners who specialize in IT risk supervision. This unit makes sure that banks have the proper mechanisms in place that ensure a secure, stable and reliable IT environment. Bank regulators from the United States, Holland, and Israel were engaged as volunteers to provide the training the CNB needed.

Supported by USAID, this unit significantly improved the quality of their own audits and set standards for external IT auditors, that conduct independent annual audits, to improve their performance level as well.

According to Damir Blazekovic, Head of the CNB's IT Unit, they are motivated to invest more efforts into their daily work with the goal of making the IT security of Croatian banks simply a "state-of-the-art affair".

Story provided by: FSVC

Download document (287 KB)

Back...