BIS published a bulletin, or a note, that examines the cyber threat landscape in the context of the pandemic and discusses policies to reduce risks to financial stability. The financial sector has been hit relatively more often by cyber-attacks than most other sectors since the pandemic started. Payment firms, insurers, and credit unions have been especially affected. While this has not yet led to significant disruptions or a systemic impact, substantial cyber risks exist for financial institutions, their staff, and their customers going forward. Financial authorities are working to mitigate cyber risks, including through international cooperation.
The BIS Bulletin emphasizes that policy must consider two near-term trends. First, remote work is likely to remain higher than in the pre-COVID-19 period. Second, financial institutions are likely to continue to move parts of their IT operations to public cloud environments. As the market for cloud services is highly concentrated, there are warnings about increased homogeneity in the financial sector and single points of failure. A recent survey indicates that 82% of companies increased cloud usage as a result of the COVID-19 pandemic and 91% are planning a more strategic use of cloud in the near future. Through shared software, hardware, and vendors, incidents could, in principle, spread more quickly, leading to higher losses for financial institutions and stress in the financial system.
Policymakers and businesses are actively working together to mitigate cyber risks and their systemic implications. For instance, many private- and public-sector organizations are strengthening their operational resilience and many have engaged in “war games” or simulations of cyber-attacks. These exercises can help to identify vulnerabilities and enhance preparedness and lines of communication. Moreover, financial supervisors and overseers are leveraging national or international standards and guidance to promote cyber resilience. In addition to the global initiatives, several regional groups and cooperation forums are also working to address this challenge.
Keywords: International, Banking, Insurance, Securities, COVID-19, Cyber Risk, Systemic Risk, Cloud Computing, BIS
Leading economist; commercial real estate; performance forecasting, econometric infrastructure; data modeling; credit risk modeling; portfolio assessment; custom commercial real estate analysis; thought leader.
Across 35 years in banking, Blake has gained deep insights into the inner working of this sector. Over the last two decades, Blake has been an Operating Committee member, leading teams and executing strategies in Credit and Enterprise Risk as well as Line of Business. His focus over this time has been primarily Commercial/Corporate with particular emphasis on CRE. Blake has spent most of his career with large and mid-size banks. Blake joined Moody’s Analytics in 2021 after leading the transformation of the credit approval and reporting process at a $25 billion bank.
Previous ArticleCentral Bank of Ireland Consults on Treatment of Discretions in IFR
Next ArticleCBM Amends Directive on Loan Moratoria Amid Pandemic
The European Banking Authority (EBA) published four draft principles to support supervisory efforts in assessing the representativeness of COVID-19-impacted data for banks using the internal ratings based (IRB) credit risk models.
The Bank for International Settlements (BIS) Innovation Hub updated its work program, announcing a set of projects across various centers.
Certain members of the U.S. Senate Committee on Banking, Housing, and Urban Affairs issued a letter to the Securities and Exchange Commission (SEC)
The European Insurance and Occupational Pensions Authority (EIOPA) published a consultation paper on the advice on the review of the securitization prudential framework in Solvency II.
The Prudential Regulation Authority (PRA) issued a statement on PRA buffer adjustment while the Bank of England (BoE) published a notice on the statistical reporting requirements for banks.
The Federal Financial Supervisory Authority of Germany (BaFin) proposed to amend the “Capital Investment Conduct And Organization Ordinance” and issued a draft circular on the minimum resolvability requirements for resolution planning.
The European Banking Authority (EBA) proposed guidelines, for the resolution authorities, on the publication of the write-down and conversion and bail-in exchange mechanic, with the comment period ending on September 07, 2022.
The Financial Services Authority of Indonesia (OJK) is strengthening cooperation with the Australian Prudential Regulation Authority (APRA) and the Japanese Financial Services Agency (JFSA)
The European Parliament and the Council published Regulation 2022/868 on European data governance (Data Governance Act).
The European Banking Authority (EBA) published phase 2 of its reporting framework 3.2. The technical package supports the implementation of the updated reporting framework by providing standard specifications