PHYSICAL SECURITY

The EBF 2019 Report on incidents against bank infrastructure and staff (Physical Security Report) was produced together with the European Banking Federation’s (EBF) Physical Security Working Group. The Report contains data from the years 2017 and 2018.

Since 1993, the EBF has prepared similar reports on bank raids, risk rates, modus operandi etc., describing the latest trends in robberies, automated teller machine (ATM) and cash-in-transit (CIT) attacks.

Based on the contributions submitted by 17 national banking associations (Belgium, Cyprus, Czech Republic, Denmark, France, Germany, Greece, Iceland, Ireland, Italy, Luxembourg, Portugal, Romania, Slovakia, Spain, United Kingdom and Australia), the Report provides an overview of the status of physical criminal activity against banks mainly across Europe.

The objective of the Report is to serve as a reference for the banking industry (i.e. national banking associations and banks) to share information about the trends and patterns of the attackers, as well as the remediation methods used.

Considerable variations on the history of robberies and on the respective economic situations exist among countries and should be taken into account.

Due to the sensitive nature of the information contained in the Report, the EBF reserves the right to keep its content confidential and accessible to EBF members only.

The introduction below includes some remarks following the analysis of the data.

PHYSICAL SECURITY LANDSCAPE 2019

Once more, the EBF Physical Security Report aims to provide EBF members with consolidated data regarding national experiences which look at bank robberies, attacks on automated teller machines (ATMs) and cash-in-transit (CIT), covering both incidents and successful attempts.

Out of a detailed analysis of the 2018 statistics (also in comparison with 2017 numbers, where appropriate) on bank robberies from the 15 countries that provided their data, the EBF has brought to light some general tendencies across Europe.

SPECIFIC REMARKS


First, the downward trend in the number of bank robberies continued in 2018.

Another trend confirmed in the Report is the worrying increase in the total number of attacks on ATMs.

Regarding CIT, there is still a large number of attacks. This observation is also confirmed by the data and statistics of the European Security Transport Association (ESTA), which collects data from a wide range of countries, providing an accurate picture of the state of play.

The Report further demonstrates a decrease in traditional physical bank robberies in 2018. Once more, the number of bank robberies committed differs from one country to another, from zero in several places to more than 250 in one EU jurisdiction.

A third conclusion from the Report concerns the decrease in losses for banks after physical attacks. This may be due either to the change of branch structures to reduce employees’ access to certain valuables (e.g. cash) or to the application of compartmentalisation or the installation of Intelligent Banknote Neutralisation Systems (IBNS) and delaying systems. As a result, the Report notes a certain success in the prevention work carried out by banks in recent years.

Despite the declining trend in 2018 data of physical attacks, criminals still abuse the infrastructure weaknesses of banks with changing modus operandi. This demonstrates that the protection against robbery and burglary still requires close attention and a dynamic and innovative development of countermeasures. More than ever there is an essential need to envisage and anticipate the security of the facility management as a global issue encompassing the physical, as well as the cyber element of the security of banks.

In addition to these conclusions, the Report highlights that the general trend of physical attacks has shifted towards attacks on ATMs.

In particular, the total number of ATM attacks has increased significantly since the previous Report, with the situation in some countries even resembling to an “epidemic” of ATM attacks. The number of incidents, as well as the total losses from such types of attacks are very concerning, even despite the installation of anti-explosive and/or anti-gas systems and the strengthening of ATM vaults.

Besides the losses to banks in cash and infrastructure, there are often damages to surrounding buildings and machines, which cannot be estimated from the analysis of such data. The same remark applies to attacks against CIT, which essentially concern the insurance companies.

As a conclusion and despite the downward trend in the traditional bank robberies attacks, banks should continue to invest in countermeasures focusing on ATMs and CITs.

More generally, it is vital for the industry to enhance and deepen private-private and public-private partnerships, i.e. between banks and external service providers (e.g. CIT services/ vendors) and between banks, law enforcement and the judiciary which has proven effective and will remain important in order to effectively tackle crime. For this reason, security committees, banks and competent authorities need to actively develop their combined efforts in the field of investigation and to streamline their approaches, e.g. in real-time information sharing, coordination of security measures, the provision of agreed guidelines and the deployment of best practices etc.

The EBF, as the voice of European banks, is committed to continue facilitating the dialogue for resilience in banking, in the frontline of the fight against criminals. The above remarks should be assessed and considered together with the increase of cyber criminality, which is another exponential trend, and the development of new payment methods, such as instant payments. The EBF’s dedicated workstreams on cybersecurity, anti-money laundering and payments address these financial crime issues.