Banks seeking help from security institutions such as the NSA to foil hackers may find that too close a relationship carries costs.

Banks seeking help from national security organizations to foil crooks may find that too close a relationship with spy agencies can hurt rather help a firm’s image, particularly outside its home country.

Claims, for example, that the US’s National Security Agency has been spying on its own citizens – as well as foreigners – on a vast scale have been cited by tech giants such as Google as a serious blow to the image of Uncle Sam abroad. And that could hit the reputation of big US-headquartered banks, including those operating in the wealth and private banking sphere. But this is an issue that other countries cannot afford to be complacent about, either.

Google chairman Eric Schmidt warned recently that NSA spying will "break the Internet" and encourage countries to create their own networks to foil spying from the US.

It is a complex issue because as recent news reports about hacking attacks on JP Morgan and others have shown, banks have legitimate cause to expect state agencies, paid for by their taxes, to help ward off criminals. JP Morgan said in early October that as many as 76 million households had been affected by a security attack. The issue has also taken a twist amid claims – strenuously denied – that the Russian government may have been behind some of the attacks. Such cybercrime is a major concern for the wealth management sector, as this publication has learned from figures in the industry. (See here.)

But if banks, in their understandable urge to protect themselves, get too close to government agencies, the guard dogs could scare off customers rather than the villains. It is proving to be a difficult balance to get right.

"There is a risk premium now with US products and services,” Robert Neivert, chief operating officer of Private.me, a California-based company that enables internet-goers to search online without the risk of being tracked, told this publication in a recent call.

One worry has been that if different countries become sufficiently angry about spy agencies snooping via certain channels, it could break up the global internet from being a global system to one fractured along national or regional lines. (In reality, there is not a completely unified system at the moment anyway.)

"If the Internet is broken up, it will be increasingly more expensive to go from country to country. This will make it much more expensive and difficult to grow globally from Silicon Valley; with so many different standards and barriers, companies will be forced to build local data centers and hire local employees to service any given country or region,” Neivert said.

“It [impact of NSA spying program] affects a lot of things because people are nervous of how far the government will go now," he said. "Now there is a question mark. I don't know if this [NSA scandal, aftermath] will scare people off [from US services]. People don't deal with rare threats very well....we don't think about these things until they happen to you,” he said. Any blow to trust in US services as a result of developments such as spying scandals can take a long time to repair, he added.

Even if the US government, either the present or future one, realizes that over-reach on security can damage American financial/other interests abroad, it is not in the nature of governments to row back from such mistakes, Neivert said. There is more likely to be change from the private sector as firms seek to find ways to avoid the damage caused by the NSA issue, etc, he said.

Clouds, robots and hackers

At a time when the wealth industry is abuzz with chatter about the rise of “robo-advisors” as well as more long-standing developments in areas such as Big Data, cloud computing and mobile banking, the last thing the sector needs is perceptions, whether justified or not, that the state agencies of Western countries might be overstepping the mark and putting the internet at risk.

How much such fears of NSA-type scandals causing problems are justified is difficult to judge. At the American Banking Association, the organization has signaled how serious cybersecurity and related issues are when Doug Johnson, a senior figure at the ABA, recently had his business title changed to that of senior vice president, payments and cybersecurity policy. He was previously SVP and senior advisor on risk management policy.

When people see the NSA and any large company having a relationship, there will be concerns. Business sectors differ widely in the type of data/information they deal in and have access to. A lot of the data that banks make available for inspection is not of the sort that would reveal personal information, he told this publication.

Asked about how banks can strike the right balance between security, transparency and protection of legitimate client privacy, he said the banking industry already has gained a lot of experience in fighting money laundering in how to set a balance.

"It is not as difficult [to strike a balance] as people might think," said Johnson.

Banks of different types have in recent years asked for technical and specialist assistance from organizations such as the NSA, such as over denial of service attacks, he continued, and referred to a number of recent breaches at large organizations.

US banks now share information about potential and actual breaches via the Financial Services Information Sharing and Analysis Center, which was created in 1999 by the Clinton administration.

As this publication has reported recently, cybercrime and internet-related problems are now a major issue for the world’s wealth management industry. At a recent conference in London, Stella Rimington, the former head of the UK’s M15 domestic intelligence agency, said state security agencies were being asked to provide expert advice to firms about electronic attacks. What remains to be seen is whether the idea of calling in Big Brother to foil the bad guys also means Joe Public gets scared off as well.