General Information & Client Service
  • Americas: +1.212.553.1653
  • Asia: +852.3551.3077
  • China: +86.10.6319.6580
  • EMEA: +44.20.7772.5454
  • Japan: +81.3.5408.4100
Media Relations
  • New York: +1.212.553.0376
  • London: +44.20.7772.5456
  • Hong Kong: +852.3758.1350
  • Tokyo: +813.5408.4110
  • Sydney: +61.2.9270.8141
  • Mexico City: +001.888.779.5833
  • Buenos Aires: +0800.666.3506
  • São Paulo: +0800.891.2518
March 09, 2018

Sabine Lautenschläger and Benoît Cœuré of ECB spoke about cyber resilience at the first meeting of the Euro Cyber Resilience Board for pan-European Financial Infrastructures in Frankfurt. Ms. Lautenschläger highlights that “ECB Banking Supervision takes cyber resilience very seriously” and discussed the ECB progress so far, along with its plans for the future. Mr. Cœuré also discussed the future course of the high-level cyber resilience forum for pan-European financial market infrastructures, critical service providers, and competent authorities.

With respect to the work done so far, Ms. Lautenschläger highlighted that ECB has conducted thematic reviews on cyber risk and outsourcing, a stocktake on how IT risks are supervised outside the euro area, and quite a few on-site inspections into IT and cyber risks, using state-of-the-art methods. ECB has also set up a reporting framework for cyber incidents. Drawing on the EBA guidelines, ECB has developed comprehensive IT risk self-assessments for the banks it supervises, including an extensive section on IT and cyber security. The results of these assessments will feed into the Supervisory Review and Evaluation Process, in which ECB will also challenge the information provided by banks. The review will give a better idea of the overall IT risk landscape in the banking industry and will help to identify blind spots early on and define areas for further investigation; this will eventually feed into the plans for 2019. In addition, the review will help to compare banks and partially anonymized feedback could then be shared with them. She concludes, “While cybercrime may have an aura of mystery and power, cyber resilience is quite the opposite: it calls for vigilance and diligence, day in, day out.”

Additionally, Benoît Cœuré of ECB said that, within the Eurosystem, there has been close collaboration on implementing the Eurosystem oversight cyber resilience strategy for financial market infrastructures, in line with CPMI-IOSCO’s guidance on this topic. He explained the goals and objectives of the Euro Cyber Resilience Board (ECRB) for pan-European Financial Infrastructures and highlighted that ECRB will have no formal powers to impose binding measures and will not make supervisory judgments. The ECRB will be chaired by ECB, which will be closely involved together with national central banks and observers from the relevant European public authorities. He also outlined the two recent activities of ECB:

  • First, a cyber resilience survey, developed under the Eurosystem oversight cyber resilience strategy, was conducted across more than 75 payment systems, central securities depositories, and central counterparties throughout Europe. The survey highlighted a number of very pertinent issues for discussion, such as cyber governance, training and awareness, and cyber incident response.
  • Second, the Eurosystem is finalizing the main elements of the European Threat Intelligence-Based Ethical Red-Teaming (TIBER-EU) Framework. This is an interesting concept that is expected to raise the level of cyber resilience in Europe and enable cross-border, cross-authority testing, which has not been done before.

 

Related Links

Keywords: Europe, EU, Banking, PMI, Cyber Risk, Banking Supervision, ECB

Related Insights
News

US Agencies Propose Revisions to FFIEC Reports 031, 041, 051, and 101

US Agencies (FDIC, FED, and OCC) propose to extend for three years, with revision, FFIEC 031, FFIEC 041, FFIEC 051, and FFIEC 101.

February 21, 2019 WebPage Regulatory News
News

OFR Adopts Data Collection Rule on Centrally Cleared Repo Transactions

OFR adopted a final rule to establish a data collection covering centrally cleared funding transactions in the U.S. repurchase agreement (repo) market.

February 20, 2019 WebPage Regulatory News
News

FHFA Finalizes Rule on Federal Home Loan Bank Capital Requirements

FHFA published, in Federal Register, the final rule to adopt, as its own, portions of the regulations of the Federal Housing Finance Board pertaining to the capital requirements for the Federal Home Loan Banks.

February 20, 2019 WebPage Regulatory News
News

PRA Publishes PS4/19 on Loss-Absorbency Mechanism Under Solvency II

PRA published a policy statement (PS4/19) that provides feedback on responses to the consultation paper (CP27/18) on adjusting for the reduction of loss absorbency where own fund instruments are taxed on write down under Solvency II.

February 20, 2019 WebPage Regulatory News
News

SRB Publishes Framework for Performing Valuations in Resolution

The framework provides independent valuers and the general public with an indication of the expectations of SRB on the principles and methodologies for valuation reports, as set out in the legal framework.

February 19, 2019 WebPage Regulatory News
News

BIS Paper on Effect of Securities Lending on OTC Market Liquidity

BIS published a working paper that studies how securities lending affects over-the-counter market (OTC) liquidity.

February 19, 2019 WebPage Regulatory News
News

US Agencies Extend Consultation Period for the Proposed SA-CCR

US Agencies (FDIC, FED, and OCC) extended the comment period for a proposed rule to update their standards for how firms measure counterparty credit risk posed by derivative contracts.

February 18, 2019 WebPage Regulatory News
News

FED Extends Consultation Period for Stress Testing Rule

FED has published in the Federal Register a notice proposing amendments to the company run and supervisory stress test rules.

February 15, 2019 WebPage Regulatory News
News

EBA Single Rulebook Q&A: Third Update for February 2019

EBA published answers to two questions under the Single Rulebook question and answer (Q&A) updates for this week.

February 15, 2019 WebPage Regulatory News
News

SEC Proposes Rule on Risk Mitigation Techniques for Uncleared SBS

SEC proposed a rule that would require the application of specific risk-mitigation techniques to portfolios of security-based swaps (SBS) that are not submitted for clearing.

February 15, 2019 WebPage Regulatory News
RESULTS 1 - 10 OF 2623