Digitalization For Secure And Uninterrupted Service

Increased digital use leads to greater exposure to cybersecurity risks, and the improved threat profile results in elevated effect of the diversified risks of the digital environment. Constantly investing in technology, uninterrupted processing capacity, infrastructure security, cost efficiency and energy saving in light of corporate governance and international standards; Garanti BBVA, through its subsidiary Garanti BBVA Technology (GT), sharpens its monitoring effectiveness since 1981. The company allows Garanti BBVA to put measures in place more rapidly and to become aware of global threats at an earlier time via networks that GT belongs to. Accordingly, Garanti BBVA’s internet access architecture has been restructured with a risk-based perspective.

With its strategy, “Better IT, Better Business”, Garanti BBVA continuously invests in cloud technology and microservices in order to ensure cost saving and introduction of solutions at a faster pace, and positions its application architecture and security layers so as to support these technologies. Through these initiatives, Garanti BBVA targets to better adjust to the new business models presented by the constantly digitizing world, and to deliver its clients a better customer experience by transforming Big Data infrastructure investments into business intelligence solutions and open application platforms.

DDOS (Distributed Denial of Service) attacks that dominated the country’s agenda in 2019 made the safeguarding of infrastructure a priority need for all organizations. To counter the risk of attacks originated abroad to interrupt the country’s communication infrastructure and organizations’ services, Garanti BBVA based and configured its intrusion prevention systems starting from abroad. The Bank observed the benefit of this technological transformation despite increased attacks. In addition, Garanti BBVA led the sector with this approach that served to increase the Bank’s security and contributed also to safeguarding the country’s communication infrastructure.

The opportunities offered by digitalization also transform issues regarding data protection and security into one of the most significant risks. Taking precautions against all risks, which could prevent secure and uninterrupted service, particularly cyber threats, ensuring information security and informing customers on related issues are among the material topics, both for Garanti BBVA and its stakeholders.

Garanti BBVA carries out activities ensuring continued awareness of compliance with laws and Corporate standards, and development of processes that guarantee management of IT/information security and IT related risks, in order to effectively manage reputational risk across the Bank. In terms of governance, the Information Security Committee headed by the CEO coordinates all efforts within the Bank to guarantee information security and monitors policies, procedures, and regulations.

Adopting an “enterprise external fraud prevention” approach within the framework of customer protection principles, Garanti BBVA implements a customer-driven management of incidents of fraud involving card transactions, account transactions, POS transactions and loan product applications carried out through any branch or non-branch channel.

Garanti BBVA adopts a proactive approach giving the foreground to customer experience when developing its strategies to monitor, detect, control and prevent evolving acts of external fraud. Customer Security and Transaction Risk Management Department works with a proactive approach to minimize the potential losses of the Bank and the customers, employing data-driven and AI-supported decision making processes against incidents of fraud.

The Department formulates views and suggestions on the Bank’s new product and process developments upon assessing the same with respect to external fraud risks. Monitoring dynamically evolving fraud methods and fraud trends both on a national and international level, the Department continues to take actions dynamically based on data governance and data analytics. Garanti BBVA continues to collaborate with its stakeholders to increase anti-fraud awareness and initiatives across the banking sector and other associated sectors, against fraud events.

Customer Security and Transaction Risk Management Department closely follows up technological developments, makes assessments together with various national/international service providers, and leads technological developments in order to carry out fraud risk management in the most efficient and effective manner, and to deliver the best experience to Garanti BBVA customers. In addition, the effects of the developments made with a focus on strengthening analytical structure and data-driven decision making processes upon fraud prevention and customer experience are constantly monitored. Also instant tactical updates focused on customer experience and security are performed while observing stakeholders’ strategic priorities and the ecosystem.

There are Information Security, Cyber Security, Protection From Phishing Attacks trainings which are given back to all Garanti BBBVA employees for every year. These trainings are mandatory and its content is regularly revised. Our employees completed following trainings: Information Security ( 14,559), Cyber Security (9,879), Protection From Phishing Attacks (14,874). As a response to risk, the completion of these trainings are remembered by e-mails to all employees. Also, Security awareness e-mails and bulletins are shared with employees .Cyber Security game is designed to raise awareness throughout Garanti BBVA. Security Awareness Month is planned which phishing simulation, security game activities and security talks are taken placed. Security Awareness Month is planned which phishing simulation, security game activities and security talks are taken placed.