Security

We see security as an opportunity to strengthen customer satisfaction, customer care and our reputation.  In line with our business model, our security efforts focus on customer centricity in two ways by:

• providing customers the comfort that comes from having the strongest security possible

• developing advanced solutions and optimal processes

We take every reasonable precaution to protect our customers’ information, to increase the security of online transactions, and to prevent credit card fraud and thefts in bank branches.

We continue to develop a groupwide approach to security in terms of our organizational structure and our array of clearly defined solutions to global risks.  Our investments in infrastructure and technology increase the security of both physical and virtual products and channels, thereby protecting the safety and finances of our colleagues and customers.

Business continuity and crisis management

Our corporate sustainability is based partly on our ability to guarantee the operational continuity of all vital activities, as well as to recover from disasters.  With this in mind, we developed two policies:

• The Crisis Management Policy, which is supplemented by related process regulations and technical specifications, establishes a framework to identify, assess and respond quickly to crises.

• The Business Continuity Management Policy, a new version of which includes improvements and synergies in the recovery process, defines reporting procedures with respect to the parent company and outlines the solutions at its disposal.

Our Business Continuity and Crisis Management System was activated during the earthquake that hit the Abruzzo region of Italy in April 2009.  It quickly engaged several of our key local entities, including UniCredit Banca di Roma, UniCredit Corporate Banking, UniCredit Private Banking and UGIS (UniCredit Global Information Services).  This process ensured the rescue of local colleagues affected and the prompt restoration of customer and business services.

The effectiveness of our approach has also been demonstrated by the security assistance we provided during such international events as London’s G20 meeting and the G8 meeting in Syracuse, Sicily.

Robberies and thefts

In 2009, we carried out many activities to prevent and reduce robberies and thefts at branches groupwide.  We are also working to complete a new access control system in branches within 2010, and our Anti-Fraud Unit has reviewed existing business processes in an effort to develop more effective system controls and security assessments.

Card fraud and online banking

Our strategy to combat attacks on ATMs and new types of security breaches connected with internet banking, such as advanced phishing techniques and malware viruses, included the optimization of the following tools and processes relating to card fraud management and prevention:

• transaction monitoring

• POC (point of compromise) detection

• precautionary card blocks

• SMS alert promotion

• improvement of product features, such as chip technology

• anti-skimmer protection for ATM and POS devices

• requiring customers to use access codes generated by portable tokens

Other activities and projects developed in 2009 focused on the implementation of new IT solutions for data loss prevention.

For further information and statistical data, please see the “Our Customers” chapter in the 2009 Sustainability Report.