• Review of KIISC
• /
• v.23 no.6
• /
• pp.41-48
• /
• 2013

전자금융 사기범이 전화, SMS, 이메일을 통하여 통신회사, 경찰청, 검찰청 및 금융감독당국 등을 사칭하여 피해자로 하여금 사칭기관의 위장 홈페이지로 유도하여 피해자의 금융 정보를 불법적으로 취득하여 피해자의 금융자산을 인출해나가는 금융 분야에서 발생하는 특수 사기범죄의 피해가 줄지 않고 있다. 이에 대한 대책으로 금융감독당국과 금융회사는 지연인출제도, 카드론 취급 강화, 공인인증서 재발급 및 사용절차 강화, 대포통장종합관리시스템 구축 및 홍보 강화를 하고 있지만 이들 방법은 전자금융사고 피해가 추정되는 고객뿐만 아니라 그렇지 않은 대다수 정상적인 전자금융거래 이용자에 대한 전자금융거래의 불편을 야기하고 있으며 전자금융사고 발생중의 실시간 이상증후 탐지를 반영하고 있지 않다. 본 논문에서는 금융회사 홈페이지에서의 전자금융거래 이용자의 접속행위, 공인인증서 사용행위, 온라인 송금행위 측면에서 거래행위를 분석하여 전자금융사고 혐의 이상증후에 대해 금융회사의 실시간적이고 능동적으로 대응하는 방안을 제시한다.

• The Korean Journal of Financial Management
• /
• v.26 no.2
• /
• pp.113-153
• /
• 2009

Financial conglomerates combine banking, securities, insurance and other financial services within a single economic entity. In this paper we analyze the effect of financial conglomeration on the default risk of financial companies in the Korean financial industry. We use two risk measures based on individual company level as proxies of the default risk, one is Z-index proposed by Altman(1968) and the other is the weighted capital adequacy ratio. We find that financial conglomeration has a negative effect on the default risk of financial companies. The asset size and diversity level of financial conglomerates, however, are negatively correlated with the default risk of financial companies. These results mean that in the Korean financial industry, even though the economy of scale and scope does exist, financial conglomeration does not translate into lower risk of financial companies composing financial conglomerates.

• 한국IT서비스학회:학술대회논문집
• /
• 2002.06a
• /
• pp.14-17
• /
• 2002

1997년의 외환위기를 계기로 국내 금융산업에 본격 적용된 구조조정은 자산부채인수 (P&A, Purchase & Assum ptions), 합병인수 (M&A， Merger & Acquisition), 금융지주회사라는 방법을 통하여 시행되었다. 자산부채인수방식은 구조조정 초기 5개은행, 금융지주회사 방식은 정부주도하의 우리금융지주회사와 순수민간에 의한 신한금융지주회사, 합병인수방식은 최근의 우량은행간 합병으로 대형화 및 겸업화를 도모한 국민 ${\cdot}$ 주택은행이 있다. 이러한 과정에 필수적으로 수반되는 가치평가의 항목에 대하여 살펴보고자 한다.

• Review of KIISC
• /
• v.23 no.1
• /
• pp.35-43
• /
• 2013

국내 시중에는 약 304개 금융회사가 금융 및 보험 상품 서비스를 제공하고 있으며, 최근 금융감독원에서는 국내 304개 금융회사(생 손보 39개사)를 대상으로 한 개인정보수집 이용제공 동의서 운영실태 점검 결과 총 49개 금융회사에서 문제점이 발견되었다. 2012. 2. 17일 개정된 정보통신망 이용촉진 및 정보보호 등에 관한법률에서는 본인 인증확인기관, 법령에서 별도로 수집 이용하는 경우와 방송통신위원회가 고시하는 경우 이외에는 주민등록번호의 사용을 제한하고 있다. 본 연구에서는 국내 개정된 정보보호 관련 법률 관점에서 현 금융회사의 개인정보 활용 및 그에 따른 보안 실태를 연구하고 관련 결과에 따른 법적 IT컴플라이언스를 준수할 수 있는 개인정보 치환 및 관리 방법론 등 관련 법률과 기업의 사회적 책임(CSR)을 만족시킬 수 있는 방안을 제언하고자 한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2011.06d
• /
• pp.98-101
• /
• 2011

금융회사들은 자사와 제휴 또는 외부 주문하고 있는 사업자들에 대해 전자금융 침해사고 예방을 위한 안전성 점검을 개별적으로 실시하고 있다. 이러한 개별점검 방식은 금융회사와 제휴사업자 모두에게 인력 및 비용, 시간 면에서 비효율적이며 금융회사마다 점검기준이 서로 달라 제휴사업자 측면에서 대응하기가 어려운 상황이다. 따라서 본 논문에서는 금융회사와 제휴 또는 외부 주문하는 사업자들에 대한 개별점검방식의 문제점을 보완할 수 있는 합동점검 프레임워크 구축 개발을 통해 합동점검의 효율성을 기술한다.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.4
• /
• pp.941-950
• /
• 2018

The form of information security organization of a financial company has various organizational forms in accordance with the responsibilities and roles of the Chief Information Officer (CIO), the Chief Information Security Officer (CISO) and the Chief Privacy Officer (CPO). However, it is necessary to examine whether these various types of information protection organizations are the optimal organizational forms. In this study, six types of information security organizations among the various types of information security organizations in terms of CISO, CIO, and CPO relationship were selected as candidates. This paper aims to study and elucidate the optimal organizational form of information security for financial companies.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.3
• /
• pp.29-38
• /
• 2016

A financial institution operated by cooperatives, abiding by the principle set by the cooperative federation, is comprised of a numerous financial institutions. Most of these small institutions are operated within local areas, providing financial services for coop members. The Financial Supervisory Regulations that supervises security professionals, organizations, and budgets are established entirely based on commercial banks in which the application of these regulations on coop financial institutions may not be proper. This paper aims to provide an efficient IT security policy for nation-wide financial institutions operated by the Cooperative Federation by analyzing its security personnel managements and adequacy.

• Information Systems Review
• /
• v.21 no.4
• /
• pp.47-68
• /
• 2019

As cloud services and deployment models become diverse, there are a growing number of cloud computing selection options. Therefore, financial companies need a methodology to select the appropriated cloud for each financial computing system. This study adopted the Balanced Scorecard (BSC) framework to classify factors for the introduction of cloud computing in financial companies. Using Analytic Hierarchy Process (AHP), the evaluation items are layered into the performance perspective and the cloud consideration factor and a comprehensive decision model is proposed. To verify the proposed research model, a system of financial company is divided into three: account, information, and channel system, and the result of decision making by both financial business experts and technology experts from two financial companies were collected. The result shows that some common factors are important in all systems, but most of the factors considered are very different from system to system. We expect that our methodology contributes to the spread of cloud computing adoption.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.29 no.5
• /
• pp.1191-1204
• /
• 2019

In January 2019, the government revised the regulation on electronic financial supervision to revitalize the use of cloud in the financial sector. However, as cloud policies and regulations cloud undermine financial firms' autonomous security activities or restrict some of the people's basic rights, there has been little movement in the financial sector to use important information as the cloud. In addition, the data localization policy, which requires important information to be kept only in Korea, is a representative regulation that prevents the revitalization of cloud use, which also creates discrimination problems for overseas operators. Therefore, policy and regulatory improvements are needed to enable the cloud to provide a foundation for digital financial innovation through data. This study looked into the current status of cloud policies for domestic and foreign financial companies and analyzed policies and regulations for domestic financial companies. Through these efforts, the government aims to draw up limitations and problems in cloud policies for domestic financial companies and propose policy alternatives, such as measures to improve regulations on localizing data for financial companies to revitalize their use of cloud.

• The Journal of the Convergence on Culture Technology
• /
• v.3 no.4
• /
• pp.199-205
• /
• 2017

As cloud computing can utilize the proper allocation of system resources, it can be expected to have great benefits in terms of maintaining availability and reducing costs when a cloud is applied to a financial company's computer system. Although some provisions of the Financial Supervisory Regulation were revised in October 2016, this is limited to non-critical information processing systems, limits are remain whitch the application of cloud computing to the whole computer system of financial companies including electronic financial systems. In this paper, cloud security requirements are studied for the application of financial company's computational infrastructure system.