Bank of Montreal is creating a new financial-crimes unit to combat fraud and cyberthreats and has hired a former U.S. security official to be its leader.
The new unit is launching at a time when banks face rising threats from cybercriminals and fraudsters. Fewer than eight months ago, BMO suffered a data breach that exposed sensitive personal information belonging to as many as 50,000 customers. Simplii Financial, a subsidiary of Canadian Imperial Bank of Commerce, was a victim of the same breach, and while both banks promised to reimburse customers who lost funds, the attacks raised questions about how well financial institutions can fend off evolving threats.
BMO announced on Monday that Larry Zelvin, who most recently was global head of cybersecurity at U.S. banking giant Citigroup Inc., will lead the new unit. The financial-crimes group will aim to pull together existing teams in cyber and physical security as well as combating fraud under one umbrella. Mr. Zelvin, who has a background in national-security roles for the U.S. government, is tasked with making BMO’s existing defences work together more smoothly, improving the way the teams share intelligence and data.
“Folks who are coming after us are much more sophisticated than they were before," Steve Tennyson, BMO’s chief technology and operations officer, said in an interview. “The [automated] bot attacks are much more prevalent."
The financial-crimes unit will bring together nearly 700 staff from its cyber, fraud and physical-security units. The bank also plans to hire new employees with expertise in both cyber and fraud defences, and will create a smaller group it will call a “fusion centre” to monitor activity inside and outside the bank. Mr. Tennyson said BMO learned from the data breach last May and is continuing to invest in building stronger defences.
“It’s bringing together teams that have been very successful up to now and allowing us to go to that next level," Mr. Tennyson said.
Mr. Zelvin was director of the National Cybersecurity and Communications Integration Center at the U.S. Department of Homeland Security, and also at the White House, where he was the National Security Council’s senior director for response. He formally starts at BMO on Jan. 14, and will report to Mr. Tennyson.
In an e-mailed statement, Mr. Zelvin said he was “particularly drawn” to the opportunity to bring together different parts of BMO’s security system to “holistically” guard the bank.
The financial-crimes unit is expected to work closely with BMO’s anti-money-laundering (AML) group, which is also getting a new leader. Herbert Mazariegos is taking over as chief anti-money-laundering officer for all of BMO, after leading AML in the bank’s U.S. operations, succeeding Stuart Davis, who is leaving the bank.
Speaking to reporters after an event for investors last October, BMO chief executive Darryl White said the bank was still investigating the data breach, with help from law enforcement. At the time, he stressed the importance of ensuring that the bank’s capabilities to detect and prevent financial crime “start to come together."
“I would say to you we are a lot smarter as every event goes on, and there are events every hour of every day,” Mr. White said in October. “It’s a continual improvement exercise if there ever was one.”
Stay up to date on all our Streetwise stories. We have a Streetwise newsletter, covering mergers and acquisitions, plus financial services news. It is sent Tuesday to Saturday morning. Sign up today.