share this article!

SAUL LOEB/AFP/SAUL LOEB/AFP/SAUL LOEB/AFP/AFP/AFP/AFP/AFP
Getty Images/AFP/AFP/AFP/AFP/AFP/AFP/AFP/AFP
Senator Jon Ossoff asked Federal Reserve Chair Jerome Powell what he considered “to be the greatest systemic threats to financial stability over the medium term, either limited to the United States or globally” at today’s Semiannual Monetary Policy Report to Congress. Legislators and regulators around the world should pay close heed to Powell’s comments. “I’d have to answer that the thing that most concerns me is the cyber threat. You’re well aware that it’s a constant worry. And we, like the private sector, spend a lot of money on it. For problematic lending and risk management, we have a playbook.” He is absolutely correct. Numerous banks have failed or almost failed in the United States and overseas as a result of major credit or operational problems. Regulators and politicians have undoubtedly learned a great deal from the financial crisis of 2007-2009.
Semiannual Monetary Policy Report to Congress, Senator Jon Ossoff, July 15, 2021.
“We have a lot of capital in the system,” Rodriguez Valladares Chair Powell continued. This is correct as well. The world’s most systemically significant banks now have not only more capital, but capital that is of considerably higher quality and loss absorption than was previously necessary before Basel III was adopted in 2010. Furthermore, globally systemically significant banks now have consistent liquidity requirements requiring them to maintain high-quality liquid resources in order to survive credit and market crises.
Cyber danger, on the other hand, is quite different. “…as you can see, with the ransomware issues…now it’s just a race to keep up. We haven’t had to deal with a huge cyber event in terms of financial stability, and I don’t expect to. But that’s the thing that concerns me the most.” Powell had previously raised similar fears about cyber danger in an interview with CBS’ 60 Minutes.
Powell is correct to be concerned! Cyber attacks have been on the rise in recent years, particularly since COVID-19. “While cyber activities such as phishing, malware, and ransomware are not new,” according to a report released by the Financial Stability Board earlier this week, “they grew with the spread of the pandemic, from fewer than 5,000 per week in February 2020 to more than 200,000 per week in late April 2021.” The financial sector has been the target of the most cyber attacks of any industry.
ADDITIONAL INFORMATION FOR YOU

Work-from-home (WFH) arrangements create new opportunities for cybercriminals.
Board of Financial Stability

Cyber risk is undoubtedly a major worry for financial organizations. Information security, including cyber, was named as “the single greatest industry worry” in a research published by O.R.X. last month, having the ability to harm firms financially, operationally, and reputationally.
According to the Financial Stability Board (Financial Stability Board), “Cyber security, such as firewalls, antivirus software, intrusion detection systems, and security operations centers, require ongoing investment and maintenance. At the same time, financial institutions must acknowledge the human dimension as a critical component of cyber security (for example, the handling of confidential information by employees working from home). Phishing, for example, is a common attack strategy that targets both staff and customers.”
Principles for Operational Resilience was released by the Basel Committee on Banking Supervision (BCBS) in April. Information and communication technology (ICT), which includes cyber security, is one of the key principles. Banks should ensure resilient ICT, including cyber security that is protected, detection, response, and recovery programs that are regularly tested, incorporate appropriate situational awareness, and communicate relevant timely information for risk management and decision-making processes, according to the BCBS. The goal is to fully support and facilitate the bank’s critical operational delivery.
Importantly, the Federal Financial Institutions Examination Council (FFIEC) updated the FFIEC Information Technology Examination Handbook ‘Architecture, Infrastructure, and Operations (AIO)’ recently in the United States. Many sections of this crucial bank examination manual are devoted to teaching bank examiners what to look for in terms of cyber security risk management in banks. AIO was sent to every supervisory officer at each Federal Reserve Bank. Before inspectors arrive at their banks, professionals with IT responsibilities at banks would do themselves a huge service if they read this manual./nRead More

share this article!