We would like to invite you to continue a survey you have started. ...

Do you trust your insurer ?

Strongly agree
Strongly disagree
Insurance provides peace of mind
Insurance is purchased only when compulsory
Terms and Conditions (small print) are clear and easily accessible
Insurance jargon (language) stands in the way of fully understanding each policy
Insurance companies try their best to uphold the details of the policy without cutting corners
Reducing risk, cutting costs and profits are more important to an insurance company than the customer
Insurance companies in the region are as professional as in other more developed markets
Age group
Do you feel your insurance provider works in your interest?
Have you had a rejected claim that you feel was not justified?
Do you trust your insurance provider?
Our Network

Register for our free newsletter

Latest News

For banks in cyber heist, how to get their money back?

Banks cyber heist

While details of what happened are still sketchy, experts said the banks could bring claims against the processing companies in court.


May 12, 2013 4:33 by

Because the sums were large and such attacks are relatively new, the two Middle East banks hit in a $45 million ATM heist face an uncertain path in trying to recover their losses, financial, insurance and legal experts say.

Oman-based Bank of Muscat lost $40 million and United Arab Emirates-based National Bank of Ras Al Khaimah PSC (RAKBANK) lost $5 million in the global heist, U.S. prosecutors said on Thursday. Hackers gained access through third-party companies that processed transactions for prepaid debit cards issued by the banks, the prosecutors said.

While details of what happened are still sketchy, experts said the banks could bring claims against the processing companies in court, or they could file claims with their own and the processing companies’ insurers.

“There’s no hard and fast rule,” said Dan Karson, the Americas chairman of Kroll Advisory Solutions. “We’re in very much a new cybersphere of finance, and allocating liability is still very much evolving.”

Any claims by banks against the processing companies would depend on the contracts between the two parties, Karson and other experts said. Those contracts include industry security standards, which are required by the major credit card payment networks, in this case MasterCard.

In most security breach cases, the processing company in question did not fully comply with the standards, said Doug Johnson, vice president for risk management policy at the American Bankers Association.

However, even if the processor failed to comply with security standards, banks may still be unable to get back their money. That is because the contracts between processors and banks, under terms set by credit card companies like MasterCard or Visa, typically limit the processor’s liability.

“They can’t make everybody whole, or they’ll be out of business,” said Michael Klaschka of Integro Insurance Brokers, which has many financial institutions as clients. “The bank may have very little recourse against thecredit card processor.”

In the hit against Bank of Muscat, the processor is enStage Inc, based in Cupertino, California, a source close to the Bank of Muscat said. Bank of Muscat has not commented on the attack.

Officials at enStage did not respond to requests for comment on Saturday. EnStage CEO Govind Setlur said in a statement in the Times of India his company had implemented security enhancements since the attack.

In the RAKBANK case, the processor is India’s ElectraCard Services, according to people familiar with the situation. RAKBANK has not confirmed that ElectraCard Services is the payment processor and ElectraCard Services has not commented.

Pages: 1 2


Tags: , , , , ,

Leave a Comment