• wblogo
  • wblogo
  • wblogo

Financial services the main target for cyber-attacks, says World Bank

Chris Hamblin, Editor, London, 6 July 2018

articleimage

Customers of financial services suffered 65% more cyberattacks in 2016 than customers of any other industry, which represented a 29% increase from the previous year, according to World Bank Group estimates.

 

One of the bank's papers lists some useful regulatory documents on the subject that pertain to various jurisdictions; they are as follows.

  • The Australian Draft Treasury Laws Amendment (Banking Executive Accountability and Related Measures) Bill 2017.
  • The Australian Securities and Investments Commission's Report on Cyber Resilience (March 2015).
  • The People's Republic of China Cyber-Security Law (June 2017).
  • Germany's BaFin consultation on circular on [sic] bank regulatory requirements for IT systems (March 2017).
  • Hong Kong Securities and Futures Commission's circular on augmenting accountability of senior management (December 2016).
  • The Hong Kong Monetary Authority's Circular on the Cyber-security Fortification Initiative (ditto).
  • HK SFC Review of cyber-security of online and mobile trading systems (October 2016).
  • The Reserve Bank of India's document entitled India Non-Banking Financial Company - Account Aggregators (September 2016).
  • The Central Bank of Ireland Cross Industry Guidance on IT and Cyber-security Risks (September 2016).
  • The Central Bank of Israel Directive on Cyber-defence Management (March 2015).
  • Malaysia Securities Commission Guidelines to enhance cyber-resilience of the Capital Market (October 2016).
  • Singapore Association of Banks’ Guidelines on control objectives and procedures for outsourced service providers (June 2017).
  • The Monetary Authority of Singapore's Guidelines on Outsourcing (July 2016).
  • The MAS's Circular on Technology risk and cyber-security training for Board [sic] (Oct 2015).
  • The MAS's Circular on Early Detection of Cyber Intrusions (August 2015).
  • The MAS's Notice on Technology Risk Management (March 2014).
  • South Korea's so-called Korea Electronic Financial Transactions Act and Enforcement Decree (January 2007).
  • The South Korean FSC's/FSS's Korea Regulation on Supervision of Electronic Financial Transactions (ditto).
  • The UK Financial Conduct Authority's Consultation on extending Individual Accountability regime (SMCR) (July 2017).
  • UK Competition and Markets Authority - the UK Open Banking Initiative (March 2017).
  • The UK Government Cyber-security Regulation and Incentives Review (December 2016).
  • Bank of England - the UK CDEST Intelligence-led cyber security assessment 2.0 (2016).
  • UK FCA and Prudential Regulation Authority - UK FCA Senior Managers and Certification Regime (final rules) (July 2015).
  • US NIST Cybersecurity Workforce Framework (August 2017).
  • The US Securities and Exchange Commission's Cybersecurity Examination Initiative Risk Alert (August 2017).
  • US FFEIC Cybersecurity Assessment Tool (May 2017).
  • New York Department of Financial Services - New York cyber-security requirements for financial services companies (March 2017).
  • US NIST draft updated Framework for Improving Critical Infrastructure Cyber-security (January 2017).
  • US Financial Crimes Enforcement Network's Advisory on FIs obligations on cyber-related events and crimes (October 2016).
  • US Federal Banking Agencies ANPR for enhanced cyber-security standards (October 2016).
  • US FFEIC - Supplement to Authentication in an Internet Banking Environment (June 2011).

Latest Comment and Analysis

Latest News

Award Winners

Most Read

More Stories

Latest Poll