This document discusses mobile banking security risks and consequences. It begins with an overview of how identity can be viewed from the perspectives of the user, attributes, devices, and mobile devices. It then covers evolving guidance from FFIEC on layered security, challenges in assessing risk from transactions, and maturity of mobile banking features. The document argues that updated guidance is needed to address capabilities of mobile banking, big data analytics, and fraud management since the last update in 2011.