We learned this week that the UKs financial authorities are still desperately short on original ideas on how to tackle the problem of online banking fraud.
Exhibit number one is the latest, Financial Risk Outlook 2006 the annual audit of the state of UK banking and financial services from the UKs Financial Services Authority (FSA), roughly equivalent in importance to the US Securities and Exchange Commission (SEC).
Buried deep in the report is the section on financial crime, nowadays consumed by worry about electronic crime. The FSA reckons that most of the problem is user education, the need to make the ordinary online banking customer aware of the risks. Encourage them to take sensible precautions, and the problem will be kept in check.
This is a prescription of minimum effort. Education a dreadful word that users sound like noble savages is a stock answer that ignores the fact that there is no longer time. People take too long to educate and will anyway ignore what theyre told often enough to undermine the effort. Asking people nicely to install security on their PCs is about as useful as were the campaigns of thirty years ago to make people wear seatbelts in cars.
Of course users should have up-to-date anti-virus software installed on their PCs. But real progress will only be made when the people who dominate the technology side of the industry - Microsoft for instance make basic levels of PC security mandatory and transparent rather than optional. There are signs that vendors have realised this.
Elsewhere, the FSA makes only brief mention of enforcing basic standards of security on the banking side, including two-factor authentication. This should be the minimum requirement but still the FSA sees such tier one technology as something to vaguely aspire to.
As to complex crimes such as identity theft that piggyback on electronic finance, we get no prescription at all in the face of evidence that banks are failing to protect people from it thanks to poorly integrated systems.
It doesnt matter that banks usually take the hit from online fraud, their failure to invest in stopping it has fuelled part of the crime boom we are now witnessing. Electronic crime is now part of the criminal eco-system, and that will have long-term consequences we all have to deal with.