A very important step in a security system is response. Without it, the strongest security is severly compromised.

• What good is an alarm noone hears or noone investigates?
• What good is a safe noone knows has been opened? [*]
• What good is a bank account at a bank which doesn't keep track of transactions? [**]

Locking the account is an (automated) response to a possible security breach. It extends the time needed for an attacker to break into the account enough to disuade the attacker or enough to mount a stronger response.

* — Safes are rated in terms of how many minutes it takes for a pro to break into them.

** — An audit is a type of response which occurs after (as opposed to during) the breach.