Featured Product

    Benoît Cœuré of CPMI on Ongoing Work to Strengthen Cyber Resilience

    May 10, 2019

    Benoît Cœuré, the CPMI Chair and Member of the Executive Board of ECB, spoke at the G7 conference on cybersecurity. He discussed the policy and implementation work of CPMI and European institutions on strengthening cyber resilience, also highlighting the importance of international cooperation in governance of issues related to cyber security. He explained that the Eurosystem cyber strategy is built on three core pillars—FMI resilience, sector resilience, and strategic industry-regulator dialog.

    Mr. Cœuré noted that the value of the work of standard-setting bodies lies in its implementation. CPMI and IOSCO authorities have been working closely with the financial market infrastructures (FMIs) in their respective jurisdictions on the implementation of the CPMI-IOSCO guidance. At the international level, more detailed implementation monitoring is planned for this year. Last September, Mr. Cœuré co-chaired, at BDF, the first roundtable among CEOs of the 22 largest global and regional FMIs and their supervisors. The meeting explored how FMIs and supervisors could collectively strengthen cyber resilience to defend against a common threat. Three areas were identified, where the challenges require the supervisors to work closely together to find solutions. These areas are data integrity, information-sharing, and third-party service providers. International working groups are planning to explore open issues related to information-sharing and third-party service provision. For information-sharing, a common international protocol for operational incidents could enable faster and better-informed responses. For third-party service provision, such as cloud services, cooperation among FMIs can improve safety arrangements by providing a clearer view of common service providers' risk-management practices. 

    He added that the Eurosystem cyber strategy is built on three core pillars—FMI resilience, sector resilience, and strategic industry-regulator dialog. Under the FMI resilience, ECB published its cyber resilience oversight expectations, which is a tool for both FMIs and overseers, in December 2018. These expectations contain detailed best practices for operationalizing the CPMI-IOSCO guidance. The Eurosystem is repeating a cyber survey among 76 FMIs to evaluate the extent to which the sector has improved in terms of cyber maturity and to assess the macro vulnerabilities of the sector more broadly. In June 2018, ECB hosted UNITAS—a market-wide crisis communication exercise—which facilitated discussion among FMIs active at the pan-European level. Euro Cyber Resilience Board (ECRB) was established last year to facilitate a strategic cyber dialog between pan-European FMIs and European authorities. Based on the results of the first round of cyber survey and on the UNITAS exercise, ECRB is focusing on the following key areas:

    • The work on information-sharing can feed directly into the global discussion held at CPMI-IOSCO level. ECRB has established a working group with the market to design building blocks for effective information-sharing, which will be implemented by the end of 2019.
    • On pan-European crisis management, a working group will determine what is considered to be a crisis, the key stakeholders that should be involved in crisis situations, and when such crisis management arrangements should be triggered. The ambition is to have a range of playbook scenarios that will be regularly tested at a collective level.
    • On training and awareness, ECRB will also host an industry workshop in the second half of 2019, exchanging best practices to raise general cyber awareness among staff at all levels to change their behavior in the light of the actual and perceived cyber threats.
    • Also, in the second half of 2019, ECRB will echo similar initiatives at the CPMI-IOSCO level and turn its attention to ecosystem recovery and coordinated reconciliation and third-party risk. The focus will be on how to respond to a major cyber incident or prevent an incident stemming from the ever-expanding supply chain.

    Mr. Cœuré concluded that progress has been made in recent years in strengthening cyber resilience, with the help of a smooth interplay among global standard-setting bodies, regional authorities, and industry stakeholders. However, due to constantly changing threat landscape, the risk of a major cyber incident remains real and is rising. Failure to adequately protect against cyber attacks may dent confidence in the stability of the financial system and may have more far-reaching repercussions on the broader economy. To avert these risks and to stay ahead of those trying to damage the financial system, it is necessary to leverage the tools and best practices that already exist and strengthen multilateral cooperation to promote innovative ideas, practical solutions, and experience-sharing. 

     

    Related Link: Speech

     

    Keywords: International, Europe, Banking, PMI, FMI, Cyber Resilience, Cybersecurity, Crisis Management, CPMI, ECB, BIS

    Related Articles
    News

    APRA Announces Deferral of Capital Reform Implementation

    APRA announced that it is deferring the scheduled implementation of Basel III reforms in Australia by one year.

    March 30, 2020 WebPage Regulatory News
    News

    BCBS Defers Implementation of Final Basel III Standards by One Year

    BCBS has announced deferral of the implementation date of the final Basel III standards by one year, to January 01, 2023.

    March 27, 2020 WebPage Regulatory News
    News

    FCA Communicates No Impact of COVID-19 on LIBOR Transition Date

    FCA, BoE, and members of the Working Group on Sterling Risk-Free Reference Rates have discussed the impact of the COVID-19 on firms’ LIBOR transition plans over the coming months.

    March 27, 2020 WebPage Regulatory News
    News

    EC Regulation on CCR Mitigation for Covered Bonds and Securitizations

    EC published the Delegated Regulation 2020/447 with regard to regulatory technical standards on the specification of criteria for establishing the arrangements to adequately mitigate counterparty credit risk, or CCR, associated with covered bonds and securitizations.

    March 27, 2020 WebPage Regulatory News
    News

    IFRS Publishes Statement on Its Work During the COVID-19 Crisis

    IFRS, in its statement, emphasized that it shares global concerns about the impact of COVID–19 and is supporting its stakeholders by reconsidering timelines of its meetings and publications, providing information on the application of IFRS 9 on financial instruments, and offering calendar updates on ongoing activities.

    March 27, 2020 WebPage Regulatory News
    News

    US Agencies Announce Changes to SA-CCR and CECL Rules Due to COVID-19

    In light of the recent disruptions in economic conditions due to the COVID-19 outbreak, US Agencies (FDIC, FED, and OCC) announced two actions to allow banking organizations to continue lending to households and businesses.

    March 27, 2020 WebPage Regulatory News
    News

    IAIS Adjusts Work Program to Address Impact of COVID-19 on Insurers

    Considering the impact of COVID-19 outbreak, IAIS announced initial adjustments to its work program to provide operational relief to its member supervisors, insurers, and other stakeholders.

    March 27, 2020 WebPage Regulatory News
    News

    OSFI Announces Regulatory Adjustments to Support COVID-19 Efforts

    OSFI published three targeted industry letters that announce a series of regulatory adjustments to support the financial and operational resilience of federally regulated banks, insurers, and private pension plans in the light of COVID-19.

    March 27, 2020 WebPage Regulatory News
    News

    UK Regulators Announce Measures to Address Impact of COVID-19

    UK Regulatory Authorities published statements and guidance addressed to financial entities on dealing with the impact of the coronavirus (COVID-19) outbreak.

    March 26, 2020 WebPage Regulatory News
    News

    ISDA and Industry Request Delay in Timeline for Initial Margin Rules

    Considering the challenges posed by the COVID-19 pandemic, ISDA submitted a letter on behalf of 21 industry associations and their members requesting BCBS, IOSCO, and global regulators to suspend the current timeline for the initial margin phase-in.

    March 26, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 4903