The Federation Council proposed to sharply increase fines for banks due to the security of transfers

The senators suggested a significant hike in penalties for banks that fail to adhere to transfer security regulations.

The Federation Council is of the opinion that this will compel banks to invest in the safeguarding of customer transactions.

Should the proposal be accepted, the largest banks could face fines in the tens of billions of rubles.

The Bank of Russia has not yet identified any "significant issues" in this area.

RBC reports that the Federation Council of the Russian Federation has proposed a tenfold increase in fines for banks that fail to comply with the laws and regulations of the Central Bank in order to enhance the security of online transactions made by their clients. This measure is intended to prevent fraudulent money transfers without the client's consent.

The explanatory note to the bill states that these requirements enhance security against various attacks, including software interception of messages, re-issuance of SIM cards, internal fraud, and social engineering.

Due to the fact that the cost of work on the implementation or development of new technical means is often more than the amount of a possible fine, large banks are not in a rush to comply with the new requirements of the Central Bank.

Senator Artem Sheikin, one of the authors of the bill, stated that raising the fine would make it financially impractical to be so careless and would compel banks to more actively utilize solutions to prevent message spoofing.

The Central Bank suggested employing cryptographic safeguards or a more advanced qualified or unqualified electronic signature (ES) to combat fraudsters.

According to Fedor Muzalevsky, Director of the Technical Department of RTM Group, large banks do not utilize electronic signatures or cryptography due to both the high cost and technical difficulties. Cryptography can reduce the number of transactions customers make, resulting in a decrease in profits for the banks.

No existing product on the market currently offers a comprehensive solution, however, it is possible to create a custom application that would generate a unique token. The primary benefit of this technology for customers is that it would not be possible to conduct banking transactions from any other device.

Should the senators' proposal be accepted, the fines imposed on the biggest banks could amount to tens of billions of rubles.

The Bank of Russia does not currently observe any major issues with customers making online transactions, and does not impose penalties for information security breaches.