For the Group's Italian banks and for some of its international banks, Intesa Sanpaolo has activated an anti-fraud system that analyses all transactions carried out via Internet Banking in real time and identifies those considered questionable. Alerted transactions are verified at a central level by a specialist team that checks the truthfulness and accuracy, directly contacting customers and unknown transactions are revoked. If the customer cannot be contacted by telephone, the branch is notified immediately in order to find another contact method. In the event of ascertainable fraud or fraud attempt, the customer is also assisted in filing a report with the relevant authorities. All customers are informed about the rules of conduct for a proper and safe use of online tools (e.g., updated anti-virus software, detection of phishing emails, correct use of personal codes, etc.). A section on the company intranet has been set up, to promptly inform branches about new phishing campaigns.
Constant monitoring of fraud resulted in the blocking of nearly 10 million euro of fraudulent transactions for retail customers and around 21 million euro for corporate customers in 2016.
During 2016, the process to consolidate the Intesa Sanpaolo CERT (Computer Emergency Response Team) was started. The team was appointed as the operating interface for critical cyber events concerning external stakeholders, and as a promoter of cyber security awareness, through specific project actions and cooperation. CERT was involved in initiatives at various levels: in Europe, with involvement in the European Cyber Security Organization (ECSO); at a financial industry level, with a proactive and key role in setting up the sector CERT (CERTfin); with the Postal Police forces; at a national level, supporting the adoption of the National Cyber Security Framework for its own supplier chain.
The Group CERT is also active on various fronts, including participation in Cyber Threat Intelligence (FS-ISAC, BitSight, Recorded Future) services, internal infosharing services (Banks and Group Companies) and external infosharing services (national CERT, CERTFin, other CERTs) and reporting to supervisory authorities in the case of serious IT security incidents.
During the year, projects/activities for the forward-looking definition of policies and processes to internally manage cyber security were focussed on in particular. For example, the 2016/2017 Cyber Security Programme was launched, which aims to increase Group maturity through a more efficient and effective management of threats and to consolidate expertise and structures necessary to mitigate risk from cyber attacks. Activities to analyse the management of citizens' digital identity, which are a part of the government's digital agenda (SPID), continued, as well as activities on cryptocurrencies.
As in previous years, the Bank remained committed to obtaining and maintaining independent certification of its own security and business continuity activities as a guarantee of the quality and adequate monitoring of the services it provides [i].