BIS published a bulletin, or a note, that examines the cyber threat landscape in the context of the pandemic and discusses policies to reduce risks to financial stability. The financial sector has been hit relatively more often by cyber-attacks than most other sectors since the pandemic started. Payment firms, insurers, and credit unions have been especially affected. While this has not yet led to significant disruptions or a systemic impact, substantial cyber risks exist for financial institutions, their staff, and their customers going forward. Financial authorities are working to mitigate cyber risks, including through international cooperation.
The BIS Bulletin emphasizes that policy must consider two near-term trends. First, remote work is likely to remain higher than in the pre-COVID-19 period. Second, financial institutions are likely to continue to move parts of their IT operations to public cloud environments. As the market for cloud services is highly concentrated, there are warnings about increased homogeneity in the financial sector and single points of failure. A recent survey indicates that 82% of companies increased cloud usage as a result of the COVID-19 pandemic and 91% are planning a more strategic use of cloud in the near future. Through shared software, hardware, and vendors, incidents could, in principle, spread more quickly, leading to higher losses for financial institutions and stress in the financial system.
Policymakers and businesses are actively working together to mitigate cyber risks and their systemic implications. For instance, many private- and public-sector organizations are strengthening their operational resilience and many have engaged in “war games” or simulations of cyber-attacks. These exercises can help to identify vulnerabilities and enhance preparedness and lines of communication. Moreover, financial supervisors and overseers are leveraging national or international standards and guidance to promote cyber resilience. In addition to the global initiatives, several regional groups and cooperation forums are also working to address this challenge.
Keywords: International, Banking, Insurance, Securities, COVID-19, Cyber Risk, Systemic Risk, Cloud Computing, BIS
Leading economist; commercial real estate; performance forecasting, econometric infrastructure; data modeling; credit risk modeling; portfolio assessment; custom commercial real estate analysis; thought leader.
Across 35 years in banking, Blake has gained deep insights into the inner working of this sector. Over the last two decades, Blake has been an Operating Committee member, leading teams and executing strategies in Credit and Enterprise Risk as well as Line of Business. His focus over this time has been primarily Commercial/Corporate with particular emphasis on CRE. Blake has spent most of his career with large and mid-size banks. Blake joined Moody’s Analytics in 2021 after leading the transformation of the credit approval and reporting process at a $25 billion bank.
Previous ArticleCentral Bank of Ireland Consults on Treatment of Discretions in IFR
Next ArticleCBM Amends Directive on Loan Moratoria Amid Pandemic
The Board of Governors of the Federal Reserve System (FED) published the final rule that amends Regulation I to reduce the quarterly reporting burden for member banks by automating the application process for adjusting their subscriptions to the Federal Reserve Bank capital stock, except in the context of mergers.
The European Banking Authority (EBA) published its assessment of risks through the quarterly Risk Dashboard and the results of the Autumn edition of the Risk Assessment Questionnaire (RAQ).
The Hong Kong Monetary Authority (HKMA) published a circular, along with the reporting form and instructions, for self-assessment, by authorized institutions, of compliance with the Code of Banking Practice 2021.
The Financial Conduct Authority (FCA) decided to register European DataWarehouse Ltd and SecRep Limited as securitization repositories under the UK Securitization Regulation, with effect from January 17, 2022.
The European Commission (EC) published the Delegated Regulation 2022/25, which supplements the Investment Firms Regulation (IFR or Regulation 2019/2033) with respect to the regulatory technical standards specifying the methods for measuring the K-factors referred to in Article 15 of the IFR.
The Bank of International Settlements (BIS) published a paper that assesses the ways in which platform-based business models can affect financial inclusion, competition, financial stability and consumer protection.
The European Supervisory Authorities (ESAs) published the list of identified financial conglomerates for 2021.
The Australian Prudential Regulation Authority (APRA) updated the list of authorized deposit-taking institutions, granting license to Barclays Bank PLC and Crédit Agricole Corporate and Investment Bank to operate as foreign authorized deposit-taking institutions under the Banking Act 1959.
EU published, in the Official Journal of the European Union, a corrigendum to the Delegated Regulation 2015/35, which supplements Solvency II Directive (2009/138/EC).
The European Banking Authority (EBA) published an Opinion on the scale and impact of de-risking in European Union and the steps that competent authorities should take to tackle unwarranted de-risking.