chart of top 100 banks DMARC adoption

In the second quarter of 2021, we investigated DMARC adoption among the world’s top 100 banks based on assets as reported. A year later, we’ve run the numbers again to see how DMARC adoption is faring in the highly targeted financial services sector.

Here’s what we learned:

chart of top 100 banks DMARC adoption advancement

From Q2 2021 to Q2 2022, we saw the following trends in DMARC compliance, measured in percentage increase or decrease, among the world’s top 100 banks:

  • 28% increase of DMARC policies set to p=reject
  • 200% increase of DMARC policies set to p=quarantine
  • 29% decrease of DMARC policies set to p=none
  • 18% decrease of companies lacking a DMARC policy

The trends we observed illustrate an optimistic progression of DMARC compliance in the growth of p=quarantine and p=reject policies. Banks and financial institutions are using DMARC and its underlying technologies as domain-based controls to address:

  • Email Fraud – DMARC’s original use-case. DMARC provides visibility of how a domain is used and prevents unauthorized senders from sending email on behalf of an organization.
  • Email Reliability – Organizations need email to be reliable. DMARC is the foundation for email delivery, and is often the first step taken to resolve email delivery issues.
  • Compliance – Industries, governments, and regulations are increasingly requiring DMARC to be in place. It is also becoming a requirement for many cybersecurity insurance providers.

These controls are more important than ever. In their most recent Phishing Activity Trends Report, the Anti-Phishing Working Group (APWG) reported that in Q1 2021, “phishing attacks against the financial sector, which includes banks, remained the largest set of attacks, accounting for 23.6 percent of all phishing.”

In addition, in Q1 2022 APWG “observed 1,025,968 total phishing attacks. This was the worst quarter for phishing that APWG has ever observed, and the first time that the quarterly total has exceeded one million.”

RELATED: Take a look at DMARC adoption rates for other sectors

We’re Here to Help

With a team of email security experts and a mission of making email and the internet more trustworthy through domain security, dmarcian is here to help assess an organization’s domain catalog and implement and manage DMARC for the long haul. You can get in touch with us or register for a free trial where our onboarding and support team will help you along the way.

Want to continue the conversation? Head over to the dmarcian Forum