Hooray for NYS AG Letitia James. She has sued Citibank for poor security and failure to comply with #EFTA when consumers report #fraud or #theft.
Snippets from the press release:
"The OAG found that Citi’s systems do not respond effectively to red flags, such as scammers who are using unrecognized devices, are accessing accounts from new locations, or are changing banking passwords or usernames. Additionally, Citi systems do not flag and stop efforts to transfer funds from multiple accounts into a single account and then send tens of thousands of dollars out the door in minutes. Citi also does not automatically initiate investigations or report fraudulent activity to police or law enforcement authorities when consumers first report it to Citi."
"Under EFTA, banks such as Citi are required to reimburse their customers for money in their accounts that is lost or stolen through unauthorized electronic payments. However, Citi illegally exploited a narrow exception in these laws to deny consumer claims for reimbursement, resulting in millions of dollars in losses for New York consumers. Through this lawsuit, Attorney General James is seeking to stop Citi’s deceptive practices and to collect restitution for victims who were denied reimbursement in the last six years, penalties, and disgorgement. "
NYS announces $8 Million Penalty Against Genesis Global Trading, Inc. After DFS Investigation Finds Significant Failings in Anti-Money Laundering and Cybersecurity Programs
I love it when NYS DFS and the NYS Attorney General's Office crack down on poor security.
Here's another enforcement action in the financial sector by NYSDFS. They have fined lender and mortgage service provider OneMain Financial Group $4.25 million dollars and of course, there's a corrective action plan: