Eight months after suffering a data breach the Bank of Montreal says it is integrating its cybersecurity, fraud, and physical security capabilities into a new financial crimes unit.

The unit will be headed by Larry Zelvin, former managing director and global head of cyber security at U.S.-based financial giant Citigroup Inc.  Before that he was director of the National Cybersecurity and Communications Integration Center at the U.S. Department of Homeland Security and senior director for response at the U.S. National Security Council.

He joins the bank Jan. 14.

The unit, which will work with BMO’s anti-money laundering department, will leverage a fusion center model. According to the Booze Allen Hamilton consulting firm, fusion centres bring together disparate groups within an organization to boost intelligence, enhance response speed, reduce costs, and leverage scarce talent. “As a result, companies realize faster and more efficient threat awareness and mitigation before, during, and following a cyber breach,” it says.

According to the Globe and Mail, the new financial crimes unit will have a staff of nearly 700.


“Given a growing reliance on advanced digital technologies, the financial services industry is faced with more sophisticated financial crime activities that often exploit misaligned fraud and cyber security practices,”  Darryl White, BMO’s chief executive said in a statement.  “It is critical that we continue to invest, and develop our talent and processes to protect information of our customers, the bank and our partners.”

In May, 2018 the Bank of Montreal and CIBC’s Simplii Financial online bank began investigating apparent breaches of customer information, each apparently involving tens of thousands of customers. At the time BMO issued a statement saying “fraudsters” had told the bank they had some personal and financial information of “a limited number of customers.”

Steve Tennyson, BMO’s chief technology officer, told the Globe and Mail the bank learned lessons from that breach. Attackers are more sophisticated than ever, he said, including using automated bots.