Financial services the main target for cyber-attacks, says World Bank
Chris Hamblin, Editor, London, 6 July 2018
Customers of financial services suffered 65% more cyberattacks in 2016 than customers of any other industry, which represented a 29% increase from the previous year, according to World Bank Group estimates.
One of the bank's papers lists some useful regulatory documents on the subject that pertain to various jurisdictions; they are as follows.
- The Australian Draft Treasury Laws Amendment (Banking Executive Accountability and Related Measures) Bill 2017.
- The Australian Securities and Investments Commission's Report on Cyber Resilience (March 2015).
- The People's Republic of China Cyber-Security Law (June 2017).
- Germany's BaFin consultation on circular on [sic] bank regulatory requirements for IT systems (March 2017).
- Hong Kong Securities and Futures Commission's circular on augmenting accountability of senior management (December 2016).
- The Hong Kong Monetary Authority's Circular on the Cyber-security Fortification Initiative (ditto).
- HK SFC Review of cyber-security of online and mobile trading systems (October 2016).
- The Reserve Bank of India's document entitled India Non-Banking Financial Company - Account Aggregators (September 2016).
- The Central Bank of Ireland Cross Industry Guidance on IT and Cyber-security Risks (September 2016).
- The Central Bank of Israel Directive on Cyber-defence Management (March 2015).
- Malaysia Securities Commission Guidelines to enhance cyber-resilience of the Capital Market (October 2016).
- Singapore Association of Banks’ Guidelines on control objectives and procedures for outsourced service providers (June 2017).
- The Monetary Authority of Singapore's Guidelines on Outsourcing (July 2016).
- The MAS's Circular on Technology risk and cyber-security training for Board [sic] (Oct 2015).
- The MAS's Circular on Early Detection of Cyber Intrusions (August 2015).
- The MAS's Notice on Technology Risk Management (March 2014).
- South Korea's so-called Korea Electronic Financial Transactions Act and Enforcement Decree (January 2007).
- The South Korean FSC's/FSS's Korea Regulation on Supervision of Electronic Financial Transactions (ditto).
- The UK Financial Conduct Authority's Consultation on extending Individual Accountability regime (SMCR) (July 2017).
- UK Competition and Markets Authority - the UK Open Banking Initiative (March 2017).
- The UK Government Cyber-security Regulation and Incentives Review (December 2016).
- Bank of England - the UK CBEST Intelligence-led cyber security assessment 2.0 (2016).
- UK FCA and Prudential Regulation Authority - UK FCA Senior Managers and Certification Regime (final rules) (July 2015).
- US NIST Cybersecurity Workforce Framework (August 2017).
- The US Securities and Exchange Commission's Cybersecurity Examination Initiative Risk Alert (August 2017).
- US FFIEC Cybersecurity Assessment Tool (May 2017).
- New York Department of Financial Services - New York cyber-security requirements for financial services companies (March 2017).
- US NIST draft updated Framework for Improving Critical Infrastructure Cyber-security (January 2017).
- US Financial Crimes Enforcement Network's Advisory on FIs' obligations on cyber-related events and crimes (October 2016).
- US Federal Banking Agencies ANPR for enhanced cyber-security standards (October 2016).
- US FFIEC - Supplement to Authentication in an Internet Banking Environment (June 2011).