2016 Edition


Facts & Figures 2017

Balance sheet & profitability


Lending and deposits

Focus: Digital Banking

National Facts & Figures

Statistical annex

Economy, balance sheet and profitability

The data has been compiled from publicly available information released by the European Central Bank, European Commission, Eurostat, the European Banking Authority, International Monetary Fund, national competent authorities and members of the European Banking Federation.

The EU economy

The European economy is slowly but steadily working its way out of the crisis. In 2015 the EU economy expanded by 2.3% or more than international partners such as Canada (1.1%) and Japan (0.5%) but at a rate slightly below that of the United States (2.6%) and Australia (2.4%).

The positive development continued into 2016 where a 0.6% growth rate in the first quarter of the year brought the 19-country economy slightly above its pre-crisis peak. This also marked, for the first time since 2011, a better economic performance by the euro area than that of the European Union (EU-28). In the first three quarters of 2016 the seasonally adjusted GDP in the euro area rose by 1.7%, 1.6% and 1.6% respectively while in the EU-28 it rose by a similar 1.8% in the first three quarters.

Similar to the years preceding the financial crisis, private consumption is nowadays the engine of growth in Europe reaching pre-crisis levels. It is expected to remain so for 2016 and the next couple of years, albeit at a slower pace.

Growing faster than at any time since 2008, employment got closer to the path seen before the crisis (70.3% in 2008) as the rate in the EU-28 for persons aged 20 to 64 reached 70.1 % in 2015. The employment rate in the euro area was 69% in 2015. Sweden continues to be the country with Europe’s best employment rate reaching a peak of 80.5% in 2015 closely followed by Germany with 78%. Although with a recovery on the employment rate, Greece had again the lowest rate in the EU with 54.9% employment. In spite of the positive development unemployment rates remained high in a number of euro area countries.

Inflation is still very low by historic standards averaging zero in 2015 and forecasted at 0.3% in 2016 for both the EU-28 and the euro area. While still currently below the ECB target of nearly 2%, inflation is currently slowly increasing leaving behind concerns of possible deflation. Inflation should get closer to the ECB target over the next coming years due to expected higher commodity prices and benign economic situations.

Whereas monetary policy continues to play a major role in the recovery of the EU economy, political uncertainty, predominantly in light of Brexit negotiations and the still-to-be-defined policy agenda of US President-elect Donald Trump, together with decelerated global GDP growth and growth outside the EU, will challenge the economic growth of the region. Also lack of structural reforms could impair the growth outlook for the region going forward.

The launch in 2015 of EU President Juncker’s Investment Plan for Europe aiming to boost investment in the EU raised hopes in the future of the economy. Although at present it is not yet fully clear what the real impact of the Plan will be, it is worthwhile noting the recent proposal to extend the European Fund for Strategic Investments (EFSI) – one of the three pillars of the Plan – both in terms of duration and financial capacity. A better understanding of the impact will come in 2017 or even 2018, as many of the projects under the EFSI will enter the implementation phase.

Bank capital

The recapitalisation effort that European banks have made in recent years is bearing fruit as EU banks show a solid capital position and have continued to strengthen their balance sheets making the European banking sector more resilient and robust.

The core equity Tier 1 (CET1) ratio of EU banks on a fully loaded basis in 2016, which includes only capital of the highest quality, is now 12.7%, more than double the same ratio in 2011. Banks in the European Union have reduced the original CET1 shortfall ratio by more than €500 billion from 2011 mainly by raising new capital and retaining earnings. Tier 1 and total capital have also shown a positive trend.

Bank funding

After a retrogressive direction in 2014, the share of deposit liabilities over total assets went up again in 2015 increasing from 50.4% to 51.2%. Since 2007 the trend has been upward, only falling in 2010 and 2014, reflecting bank shifts towards greater reliance on deposits as a source of funding. The rise in the share of non-banks’ deposits to total assets has continued moving upwards, rising from 34.9% in 2014 to 36.4% in 2015.

The country breakdown for total deposits shows the lowest shares recorded in 2015 were in Denmark (10.1%), Ireland (30.2%), Sweden (34.1%) and Finland (35.1%). The figures reflect, in part, different banking models, for example the well-developed covered bond markets in Scandinavia. Meanwhile countries with the largest shares of deposits financing banking sector’s assets were Bulgaria (70%), Slovenia (70.3%) and Slovakia (73.8%). The share of non-banks’ deposits to total assets was highest in Slovakia (68.8%) and lowest in Denmark (17.5%).


While the year 2014 recorded a moderate recovery in the total assets held by EU banks, the figure slightly contracted in 2015 by €61 billion or -0.1% from the previous year amounting to €43.38 trillion. The same slight decrease happened to the share of assets coming from the euro area falling from 71.8% in 2014 to 71% in 2015. From the geographical perspective, the largest contribution to the fall in the stock of assets is attributable to the euro area (-1.3%).

Considering the country breakdown, the countries with the strongest boost in absolute terms were Estonia with €1.7 billion (8.3%), Slovakia €4.8 billion (7.6%), and Czech Republic €11 billion (5.7%). While the United Kingdom (UK) was the country with the largest contribution (€358 billion, 4% of the UK’s total asset base), the other four largest European countries registered a reduction in their stock of assets – France (-0.3%), Spain (-4.9%), Italy (-2.5%) and Germany (-1.8%) – amounting to a €409 billion reduction. The countries with the most significant reductions in their stock of assets were Malta (-16.7), which happened to be in 2014 the country with the strongest boost, and Denmark (-5.3%).

The total assets of banks operating in the EFTA countries grew by €276 billion or 8.6%, practically matching the same growth as in 2014.

Bank profitability

After reaching a peak in 2007 the return on equity (ROE) – a key indicator to assess the bank sector’s attractiveness for investors – in the EU banking industry sharply contracted, due to the impact of the euro area crisis, falling to -1.5% in 2008. Upholding a slow recovery path (with setbacks in 2011 and 2012 when the ratio fell again into negative territory), the calculated median value of all ROE of all banks in the EU-28 in 2015 reached 4.3%, a meagre figure considerably lower than the 10.6% seen in 2007.

The ROE across EU countries has diverged since 2007 signalling growing fragmentation particularly across the euro area. After reaching a peak in 2013 (25.8), the dispersion around the average return on equity reached has substantially decreased falling to 9.0 in 2014 and further into 2015 to 7.4, a bit less than half the number seen in 2008 when deviation started.

Reflecting on the national breakdown, only a few countries are struggling with negative ROE: Greece (-24.2%), Cyprus (-7.6%) and Croatia (-6.8%). On the other hand, double-digit ROE was registered in Romania (11.3%), Sweden (11.2%), Latvia (10.7%), Czech Republic (10.3%) and Belgium (10.3%). The difference between the highest and lowest ROE was 35.5 percentage points in 2015, almost a third of the 101.3 recorded in 2013 (11.4% in the Czech Republic and -90.2% in Slovenia).

In the largest EU economies the ROE in 2015 was 7.0% in Netherlands, 6.8% in France, 6.6% in Spain, 3.2% in the UK, 3.1% in Italy and 1.7% in Germany.


The data has been compiled from publicly available information released by the European Central Bank, European Commission, Eurostat, the European Banking Authority, International Monetary Fund, national competent authorities and members of the European Banking Federation.

Number of banks and staff

The downtrend on the number of EU-28 credit institutions which started in 2009 continued in 2015, with the total falling to 7,049, a decline of 3% compared to the previous year, a reduction of 1,334 in total since contraction started. The rationalisation decelerated this year compared to the sharp fall of 5.9% in 2014 and became closer to 2012 figures when the number of banks declined by 2.5%.

The countries having experienced the largest contraction in absolute terms in 2015 were Hungary (-46 units), Germany (-34 units), and Ireland (-30 units), according to the ECB. Only Estonia (+2 units), Latvia (+2 unit), Czech Republic (+1 units), United Kingdom (+1 units), Lithuania (+1 units), and Malta (+1 unit) have increased the number of credit institutions, albeit in a very limited number. The number of credit institutions in the EFTA countries reached 423 in 2015.

By end-2015, EU-28 banks employed 2,864,106 people, 25,214 or 0.9% fewer than in 2014. The five largest EU economies continue to be the five countries with the largest number of employees in the banking sector employing practically 68% of the total EU-28 staff employed. Including EFTA countries, the number of staff employed in the banking sector surpassed the 3 million frontier with 3,011,780.

Also reflecting a contraction in the banking sector, the average number of inhabitants per bank staff in the EU Member States rose by 1.2% from 175 in 2014 to 178 in 2016.

Branches and subsidiaries

The rationalisation taking place in the EU banking sector also involved bank branches as the number of bank branches continued to shrink, falling to 188,851 in 2015. The total loss of 49,616 branches closed since 2009 equals a contraction of 19.07%. Compared to the previous year, branches in the EU-28 decreased by 7.06% or 15,466 branches which doubles the number of branches closed in 2014 (7,544), although the overall number of subsidiaries continued declining for the eighth straight year, with a moderate drop of 1.9% or 12 units compared to the record sharp drop of 65 units or 9.2% in 2014. The moderate fall is driven by the limited closure of subsidiaries of credit institutions from EU countries (13 in 2015 from 54 in 2014). The share of subsidiaries from third countries went positive for the first time since 2010 adding one in 2015 to reach 279 (compared with 351 of credit institutions from EU countries).

Lending and deposits

The data has been compiled from publicly available information released by the European Central Bank, European Commission, Eurostat, the European Banking Authority, International Monetary Fund, national competent authorities and members of the European Banking Federation.

General trends

The core banking activities of raising deposits from and providing credit to customers are increasingly important to Europe’s banks. Despite deleveraging by European consumers and businesses, bank deposits and loans grew in 2015.


Deposits accounted for 51.5% of Monetary Financial Institutions’ (MFI) liabilities in the EU by the end of 2015, up from 47.3% in 2007. Deposit liabilities in the EU rose to their second highest level in five years,  to €22.3 trillion, driven mainly by growth in deposits outside the euro area.

Deposits from other MFIs peaked at €8.1 trillion in 2007 but their fall has been more than offset by growth in deposits from non-MFIs, excluding central government.

Total deposits from non-MFIs excluding central government grew by 3.9% in 2015 to more than €15.7 billion in the EU at the end of 2015, with €11.5 billion in deposits in the euro area (based on its 2016 composition). This compares with €9.9 billion and €7.2 billon, respectively, in 2005.

The growth has been driven by an increase in deposits from households (including non-profit institutions serving households), which rose by 4% year-on-year to €8.7 billion and non-financial corporations (NFCs), up by 7.1% to €2.9 billion. Indeed, for the first time since 2005, NFC deposits surpassed those of financial corporations excluding MFIs, insurance corporations and pension funds.

With household and NFC deposits, there has been a clear shift to shorter-term deposits. Overnight deposits accounted for 46.3% of household and 72% of NFC deposits at the end of 2015, up from 33.7% and 58.8%, respectively, in 2008.


The total value loans outstanding from EU Monetary Financial Institutions (MFIs) increased by 2.4% in 2015 to €23.5 trillion, the highest level since 2012. The increase derived from growth in loans to other MFIs in the euro area as well as an increase in loans to non-MFIs in other EU Member States. Some of the growth in loans in other EU Member States is likely attributable to the euro vis-à-vis UK pound sterling (from GBP 0.8337 at the end of 2013 to GBP 0.73395 at the end of 2015, according to the ECB).

As non-financial corporations (NFCs) continued to deleverage, households drove the growth in loans in 2015.

NFC loans outstanding rose slightly to €10.4 trillion but this was still the second lowest level since 2006. The growth in NFC lending came mainly from other EU Member States rather than the euro area, primarily the UK, Sweden, Poland and the Czech Republic. Within the euro area, NFC lending in France, Germany, Luxembourg and Finland grew significantly.

Results from the ECB’s Bank Lending Survey in 2015 suggested an improving environment for small and medium-sized enterprises (SMEs) and large enterprises. Credit standards eased somewhat from the start of 2014 for both segments.

From Q4 2014, loan demand among SMEs began to grow for the first time since Q3 2011, followed by large enterprises in the  following quarter.

These trends point to a healthy appetite for new NFC lending and an accommodating banking sector.

By contrast, with the NFC sector, loans to households grew for the second successive year in 2015, although growth was fuelled by lending in other EU Member States. Household loans increased to their highest levels on record in both the euro area (€5.3 trillion) and other EU Member States (€2.4 trillion).

Some 74.4% of household lending in the euro area support house finance. However, these figures exclude securitised loans such as residential mortgage-back securities. When adjusted for loan sales and securitisation, total household loans were €5.6 trillion at the end of 2015.

Loan-to-deposit ratios

Loan-to-deposit ratios, which are calculated as loans outstanding divided by total deposit liabilities, have declined in recent years, falling from 166% at end-2006 to 132% by end-2015 in the EU.

Looking at the relative contribution of each sector to deposit funding and its relative importance in terms of loans outstanding, non-financial corporations (NFCs) would seem to be heavily reliant on deposit funding from households, which accounted for about 57% of bank deposits from non-Monetary Financial Institutions at the end of 2015. This was especially true in the euro area where the loan-to-deposit ratio for NFCs was 404% (down from 559% in 2011). This compared with 234% in other EU Member States. By contrast, the loan-to-deposit ratio for households has fallen from 97.1% in 2010 to 87.8% in 2015.

Focus: Digital Banking

The data has been compiled from publicly available information released by the European Central Bank, European Commission, Eurostat, the European Banking Authority, International Monetary Fund, national competent authorities and members of the European Banking Federation.

Digitalisation represents a key component of bank’s growth strategies. Banks can play a decisive role in accelerating the digital transformation of Europe and developing the European digital single market. On one hand, banks are the main source of finance to the European economy that is undergoing a process of capital-intensive digitalisation. On the other hand, guided by customer demand, banks are heavily investing in technology and partnering with technology start-ups to improve customer offerings and to transform their business models.

Digitalisation a priority for banks

Consumer demand as the key driver of banks’ digital transformation.

Consumers around the world are quickly becoming digital expecting a new kind of service proposition from banks, fitting to the digital age. In response, banks – and other providers – are assessing, developing and using innovative and technological capabilities (such as open APIs, blockchain, robot-advice and machine learning) to develop new delivery channels as well as to enhance services and products that deepen the relationship with their customers and maximise the customer experience.

Banks partnering with FinTech Start-ups

Banks have launched incubation and acceleration initiatives, as well as other investment vehicles that harness, foster and scale-up innovation. Networks of established and start-up firms in the FinTech area are emerging around an ecosystem anchored by individual banks. This is leading to vital growth in the technology sector, to job creation and accelerated innovation.

Cooperation and partnership in the banking sector among incumbent banks and new Fintech firms providing innovative products and services to the market is likely to increase. Indeed, the arrival of Fintech start-ups and the establishment of digital platforms has spurred innovation, accelerated the transformation of banks and opened a door to new win-win collaborations.

Some 77% of banks in Europe consider that working with start-ups will have a significant impact on their ability to deliver innovative solutions and more than half of banks recognise the considerable impact on their speed to market with innovations.

Banks have a lot to offer to Fintech start-ups, in particular, specific financial expertise (risk assessment, evaluation and management), scalability owing to their large customer base, as well as many years of experience in providing clients with regulatory-driven high levels of operational security, not to speak of financing needs. The complementary skill sets of banks and Fintech start-ups mean that both are well placed to cooperate.

Distributed Ledger Technology

From certainty and immutability to smart contracts, disintermediation of market players to compliance benefits, blockchain is emerging as a disruptive force, having the capability of reshaping the financial services industry.

In the banking and financial industry, distributed ledger technology (DLT) may have the potential to introduce a range of benefits for customers, firms and regulators. Primarily, DLT technology models may provide efficiencies in reconciling records both within organisations and across firms, and offer distinctive attributes through the incorporation of tools, such as alternative rules in the underlying protocol, electronic signatures, and smart contracts. Other features that have been attributed to the blockchain technology include the enhancement of security in payments and credit card fraud area through a decentralised transaction, the replacement of trusted third parties, through providing access to all participants in the value chain, a complete automation of transactional procedures, from payment to settlement, and a reduced margin of error through live tracking of transaction network users[1].

At present, there are 90 central banks across the globe engaged in DLT discussions worldwide, and 90 corporations (financial institutions and banks) have joined blockchain consortia, whilst 80% of banks across the globe are predicted to initiate DLT projects by 2017. In addition, more than 2,500 blockchain-related patents have been filed over the past two years[2].

Yet, it is arguably in the securities services market that blockchain technology may have the greatest potential. According to a recent survey from Deutsche Bank[3], a majority of financial markets players (87%) believe that this technology may completely reshape the settlement models for securities, with clearing and settlement processes becoming more efficient and less costly. In addition, 62% believe the introduction of blockchain technology will produce substantial savings ranging from 11% – 25%, whilst almost half (48%) stress that it will help the industry become more resilient to system failure and market disruption risks.

Overall, 78% see this technology being used on a regular basis within the next three to six years[4].

[1] Yessi Bello Perez, “Santander: Blockchain Tech Can Save Banks $20 Billion a year,” CoinDesk, June 2015

[2] World Economic Forum, “The Future of Financial Infrastructure: An Ambitious look at How Blockchain can Reshape Financial Services”, August 2016.

[3] Deutsche Bank, “Powering the Flow of Global Capital”, October 2016.

[4] https://www.db.com/newsroom_news/Deutsche_Bank_Investor_Report.pdf

Facing the digital threat

With the significant digital turn in the banking sector in the past four years, not only has the technology sector been innovating and developing, so has criminality.

Cyber criminality has been on continuous and exponential growth curve for the past five years and has created an overall alternative to the threat to the physical infrastructures. The criminals have started to move from traditional robberies to digital crime, in view of the increasing implementation of various protective measures and the constant progression towards cashless payment systems and other digitalisation.

We are also witnessing an increasing interaction between physical and digital attacks (both cyber attacks and IT frauds) where the employee’s criminality is becoming more of an issue. The banking sector in the digital age will be facing many threats in the coming years and will have to envisage an integrated approach towards security (both physical and digital).

In its Internet Organised Crime Threat Assesment (IOCTA) Europol describes the situation as follow: “The volume, scope and material cost of cybercrime all remain on an upward trend and have reached very high levels. Some EU Member States now report that the recording of cybercrime offences may have surpassed those associated with traditional crimes. An expansion both in the number of cybercriminal actors and opportunities to engage in highly profitable illegal activities has partly fuelled this trend, as has the development of new cybercrime tools in areas such as ATM fraud and mobile malware. However, a large part of the problem relates to poor digital security standards and practice by businesses and individuals. A significant proportion of cybercrime activity still involves the continuous recycling of relatively old techniques, security solutions for which are available but not widely adopted.

Taking a closer look at the geographical analysis of the cyber crime perpetrated during the first quarter of 2015 (reported by securelist.com) we notice that western Europe, where physical attacks are on a downward trend since 2010 (circa 50%), holds the highest number of malware attacks. According to Kaspersky Lab, as many as 5.106.804 notifications of malicious activity were registered for Q1 2015 only.

Among the EBF members, according to the Kaspersky numbers, we find in the top ten countries with the most users attacked: Germany (51.670 attacks), UK (25.269 attacks), Italy (17,663 attacks) and Spain (17.416 attacks).

Hybridisation between physical and digital attacks

Banking infrastructure has progressively grown to integrate new external elements connected to the internet.

ATM, Online Banking platform, Mobile Application, Phone Banking facilities around a complexifying office infrastructure are offering to the customer digital services easily integrated into daily life. This exponential development has created a number of weak points along with criminal opportunities.

The simplified network example below highlights the number of internal/external interactions each of them being an intrusion or fraud opportunity.

In this section, we will review the different trends and type of criminal activities targeting the different sections of the infrastructure. The analysis of the different elements will underline the digital/physical part of each criminal attempt, and more importantly, offers an overview of the complex hybridisation between both types of criminals. A further important element, in the various IT fraud and cyber attacks, will be the role played by the employee.

Outside of the physical attacks against ATM discussed in the above section (gas, explosives and ‘on pavement attacks’) a number of criminals have developed a considerable amount of skills to work around the implementation of ingenious countermeasures put in place by industry and law enforcement.

 Hardware targeted attacks

Contrary to the purely physical attacks that target the safe and money cassettes, the new hybrid attacks will targeting hardware part of the device.

In its report “Future Attack Scenarios against Authentication Systems Communicating with ATMS” Kaspersky summarises the device’s general problem: “ATM devices combine multiple units that are used to process the transaction and the money. Some of them are involved directly (e.g. a dispenser contains a money in cassettes) and indirectly (e.g. PC computer, that controls devices) with money. Such devices are interconnected with each other. Devices inside ATM box are considered trusted and it is supposed, that they can not be tampered or substituted with a rogue one. But often this practice is just a security through obscurity and devices doesn’t have proper measures to identify the authenticity of unit endpoints (e.g. unprotected communication between the ATM core and ATM units.)

The means needed to connect to the ATM’s networking infrastructure remain basic e.g. via SDC, USB or RS232 port. The standardisation of the transmission channel will offer an easy access with no specific measures preventing the attacker to interact with the device control unit. These connections result in “[…] direct control over ATM units, the use of undocumented functions (e.g. changing the unit firmware). The criminals may also use a software or hardware traffic analyzer, installing it directly on the port of a particular device such as a card reader in order to obtain the transmitted data. And this analyzer will be difficult to detect. Direct control over the dispenser means the ATM cassettes can be emptied without any entries being made in the ATM software logs.

Software targeted attacks

The software used in almost every ATM comprises:

  • operating system
  • ATM units management software
  • software used to interact with the user (ATM consumer or operator)
  • software used to communicate with the processing centre (which provides the information and technological aspects of the transaction)
  • anti-virus software, or integrity control software

As highlighted by Kaspersky, this infrastructure “[…] is sufficient for the ATM to carry out its immediate functions, but for some reason, certain banks also install Acrobat Reader 6.0, Radmin, TeamViewer and other unnecessary and in some cases even dangerous software. When it comes to the operating system, the vast majority of ATMs still use … Windows XP! Despite the fact that Microsoft stopped issuing security updates for it in April 2014. Of course, 0-day vulnerabilities for this system will remain unpatched. The engineers servicing ATMs often think that if the ATM is working, it is better “not to touch” (read: “not to update”) it. As a consequence, some cash machines still have the unpatched critical vulnerability MS08-067 which allows remote code execution. ATM units are implemented on microcontrollers based on real-time operating systems (RTOS), which is particularly irksome for the guys with IDA Pro because static analysis is almost unheard for such systems.That’s basically all the information cybercriminals need to start hacking.

During one of the sessions at the Security Analyst Summit of 2016 Eugene Kaspersky tweeted a shocking example of thousands of ATMs potentially vulnerable to network attacks on Shodan (the browser of the Internet of Things).

Attacks against mobile banking and online servicess

Malware and rogue website redirection are the tip of the iceberg of the threat to online and mobile banking customers.

The introduction of mobile payment apps, Narrow Field Communication (NFC) enable payment devices and cards and Quick Response (QR) code payment have opened the door to more interference between the buyer, the payment service provider and the payee. Loose or non-existent authentication is the first critical factor, followed by limited countermeasures.

The Narrow Field Communication (NFC) example

As reported by the Finextra and Techtimes websites in their respective studies on NFC, the contactless payment sector seems to be the one where NFC has generated the most interest.

By definition the contactless payment is insecure as demonstrated in many recent studies. The “potential threats of NFC are eavesdropping, data modification (i.e., alteration, insertion, or destruction), and relay attacks. Eavesdropping can be avoided by secure communication, while data modification may require advanced skills and enough knowledge about RF transmission, as well as ad-hoc hardware to perform the attack. A relay attack, defined as a forwarding of the entire wireless communication, allows to communicate over a large distance. A passive relay attack forwards the data unaltered,unlike an active relay attack” as outlined in the paper “Practical Experiences on NFC Relay Attacks with Android: Virtual Pickpocketing Revisited” presented at the 2015 HITB Security Conference.

The developing environment such as Android offers common open framework granting to developers including banks and other financial services the opportunity to create and offers apps that will interact with the signals (emitted in the radio frequency range). Where the proprietary apps (banks’ app, e-wallet and emulated cards, operate on segmented layers. The transmission channel is standard and common to all manufacturers. The contactless nature of the interaction leaves room for signal interception. The paper mentioned above describes two attack scenarios which will highlight the process of these fraudulent interactions.

In [scenario 1]we envisioned a network of Android infected devices (i.e., a botnet) that communicate with the bot master when a contactless payment card is detected. The bot master can use this smartcard to conduct illegal transactions with an honest verifier, or even multiple transactions at the same time collaborating with multiple dishonest verifiers. We named this attack as distributed mafia fraud. [Scenario 2] foresees the same scenario than before, but with multiple dishonest provers committing fraud at the same time, as a way to hide their real location. Note that contactless payment cards implement security mechanisms such as asking for a PIN after several uses and checking of atypical paying locations. These mechanisms clearly minimise the impact of the second threat scenario envisioned.

Attacks against internal infrastructures

Attacks against internal banking infrastructures require a fundamental ingredient to gain access to the sensitive data. As described jointly by NetGuardians and Temenos in their report “A-Z of Banking Fraud 2016”: “ACCESS is the most important ingredient in any bank fraud and more than anything else this means access to the IT systems that run the bank’s day-to-day operations and enable its customers to manage their accounts. Gaining uncontrolled access to the bank’s IT systems enables a fraudster to steal or alter sensitive information, execute illicit transactions and remove evidence of their activities. It is, of course, possible for fraudsters to break into a bank’s IT systems from outside if they are able to exploit weaknesses in its security. However, in practice, it is much more likely that a bank will experience fraud that originates within the organization due to the high level of access to sensitive data that must be granted to thousands of staff in order for them to do their jobs. Many staff are able to see sensitive customer information in the course of their work, but staff in certain crucial roles will have greater user privileges than most of their colleague.They will, therefore, have a much higher degree of access to the system and the ability to change and update it without necessarily attracting any scrutiny. In particular, the roles of IT systems administrators and database administrators both require that they have very high levels of access to the bank’s critical systems. The activities of systems and database administrators should attract special attention within a bank’s security monitoring and it is vital that staff such as these with high user privileges are not able to bypass audit trails and operate “below the radar”.

According to their findings 70% of the fraud in the US in 2015 was committed by industry insiders i.e. employees. Even for the 30% of fraudulent activities remaining, the outsider mainly relied on internal employees’ information or intercession, willingly or unwillingly provided.

For example, email induced malware attacks rely mostly on the credulity of the mail recipient opening infected attachments, responding to phishing emails or interacting with infected websites.

Data on national banking sector

The data has been compiled from publicly available information released by the European Central Bank, European Commission, Eurostat, the European Banking Authority, International Monetary Fund, national competent authorities and members of the European Banking Federation.

Statistical annex

All figures as at 31 December 2015

The  data has been compiled from publicly available information released by the European Central Bank, European Commission, Eurostat, the European Banking Authority, International Monetary Fund , national competent authorities and members of the European Banking Federation