March 09, 2018

Sabine Lautenschläger and Benoît Cœuré of ECB spoke about cyber resilience at the first meeting of the Euro Cyber Resilience Board for pan-European Financial Infrastructures in Frankfurt. Ms. Lautenschläger highlights that “ECB Banking Supervision takes cyber resilience very seriously” and discussed the ECB progress so far, along with its plans for the future. Mr. Cœuré also discussed the future course of the high-level cyber resilience forum for pan-European financial market infrastructures, critical service providers, and competent authorities.

With respect to the work done so far, Ms. Lautenschläger highlighted that ECB has conducted thematic reviews on cyber risk and outsourcing, a stocktake on how IT risks are supervised outside the euro area, and quite a few on-site inspections into IT and cyber risks, using state-of-the-art methods. ECB has also set up a reporting framework for cyber incidents. Drawing on the EBA guidelines, ECB has developed comprehensive IT risk self-assessments for the banks it supervises, including an extensive section on IT and cyber security. The results of these assessments will feed into the Supervisory Review and Evaluation Process, in which ECB will also challenge the information provided by banks. The review will give a better idea of the overall IT risk landscape in the banking industry and will help to identify blind spots early on and define areas for further investigation; this will eventually feed into the plans for 2019. In addition, the review will help to compare banks and partially anonymized feedback could then be shared with them. She concludes, “While cybercrime may have an aura of mystery and power, cyber resilience is quite the opposite: it calls for vigilance and diligence, day in, day out.”

Additionally, Benoît Cœuré of ECB said that, within the Eurosystem, there has been close collaboration on implementing the Eurosystem oversight cyber resilience strategy for financial market infrastructures, in line with CPMI-IOSCO’s guidance on this topic. He explained the goals and objectives of the Euro Cyber Resilience Board (ECRB) for pan-European Financial Infrastructures and highlighted that ECRB will have no formal powers to impose binding measures and will not make supervisory judgments. The ECRB will be chaired by ECB, which will be closely involved together with national central banks and observers from the relevant European public authorities. He also outlined the two recent activities of ECB:

  • First, a cyber resilience survey, developed under the Eurosystem oversight cyber resilience strategy, was conducted across more than 75 payment systems, central securities depositories, and central counterparties throughout Europe. The survey highlighted a number of very pertinent issues for discussion, such as cyber governance, training and awareness, and cyber incident response.
  • Second, the Eurosystem is finalizing the main elements of the European Threat Intelligence-Based Ethical Red-Teaming (TIBER-EU) Framework. This is an interesting concept that is expected to raise the level of cyber resilience in Europe and enable cross-border, cross-authority testing, which has not been done before.

 

Related Links

Keywords: Europe, EU, Banking, PMI, Cyber Risk, Banking Supervision, ECB

Related Articles
News

HKMA Revises Implementation Schedule for Initial Margin Rules

HKMA intends to adopt a revised implementation schedule for the margin requirements for non-centrally cleared derivatives.

August 16, 2019 WebPage Regulatory News
News

FASB Proposes to Extend CECL Standard Deadline for Certain Entities

FASB proposed an Accounting Standards Update that would grant private companies, not-for-profit organizations, and certain small public companies additional time to implement FASB standards on current expected credit losses (CECL), leases, and hedging.

August 15, 2019 WebPage Regulatory News
News

IASB Adds Phase Two of IBOR Reform to Its Work Plan

IASB (or the Board) has added the second phase of its project focused on potential financial reporting implications linked to the interest rate benchmark reform—interbank offer rate (IBOR) reform—to its work plan.

August 15, 2019 WebPage Regulatory News
News

FED Updates Draft Instructions for Proposed FR Y-14 Reporting Forms

FED updated draft instructions for the monthly, quarterly, and annual capital assessments and stress testing reports, also known as forms FR Y-14M, FR Y-14Q, FR Y-14A, respectively.

August 15, 2019 WebPage Regulatory News
News

APRA Applies Additional Capital Requirement for an Australian Insurer

APRA decided to apply an additional $250 million capital requirement to Allianz Australia Limited to reflect the issues identified in the risk governance self-assessment by the insurer.

August 14, 2019 WebPage Regulatory News
News

APRA Consults on Final Phase Margin Rules for Uncleared Derivatives

APRA is consulting on amendments to the prudential standard CPS 226 on margin and risk mitigation requirements for non-centrally cleared derivatives.

August 14, 2019 WebPage Regulatory News
News

BCBS FAQs on Implementation of Operational Risk Capital Requirements

BCBS published the first set of frequently asked questions (FAQs) to facilitate consistent global implementation of the standardized approach for operational risk capital.

August 14, 2019 WebPage Regulatory News
News

MAS Publishes Rules on Single Counterparty Credit Limits for Banks

MAS published Notice 656 on rules to measure and limit exposures to a single counterparty group for banks incorporated in Singapore.

August 14, 2019 WebPage Regulatory News
News

BoE Publishes Actual and Indicative MREL for Banks in UK

BoE published actual and indicative minimum requirements for own funds and eligible liabilities (MRELs) for UK banks and buildings societies that have bail-in or partial transfer resolution strategies.

August 14, 2019 WebPage Regulatory News
News

OSFI Sets Out Plans for Implementation of Insurance Contracts Standard

OSFI published a letter that provides an update on the milestones completed and the activities underway with respect to the implementation of the insurance contracts standard International Financial Reporting Standard (IFRS) 17.

August 13, 2019 WebPage Regulatory News
RESULTS 1 - 10 OF 3638