Financial Crime World

Brazil’s Financial Institutions Strengthen Cybersecurity Measures Amid Rising Incidents

Cyberattacks on the Rise in Brazil’s Financial Sector

SAO PAULO - Brazil’s financial institutions are increasing their cybersecurity measures to counter a growing threat of cyberattacks, which could compromise confidential information stored in databases. According to data from the Centre for Studies, Responses and Treatment of Security Incidents in Brazil, there were 875,327 security incident notifications in 2019 and 318,697 in the first half of 2020 alone.

Regulatory Agencies Take Action

In response to this growing threat, regulatory agencies such as:

  • Central Bank (BACEN): Requires financial institutions to implement security controls to protect sensitive information, detect and respond to cyber threats, and maintain incident response plans.
  • Brazilian Securities Commission (CVM): Has issued guidelines for listed companies to establish cybersecurity protocols and report any incidents to the market regulator.
  • National Monetary Council (CMN): Established rules for the protection of confidential data, including personal data, financial information, and other sensitive information.

Guidelines and Regulations

Financial institutions must implement technical and organizational security measures capable of protecting personal data from unauthorized access, unlawful or accidental situations involving destruction, loss, change, communication, or any other unlawful processing activity. The Brazilian Data Protection Authority (ANPD) will consider how measures have been adopted when assessing penalties for companies liable for data breaches or non-compliance with the General Data Protection Law (LGDP).

International Cooperation on Cybersecurity

The rise in cyberattacks has led to an increase in international cooperation on cybersecurity. Brazil is currently an observer member of the Budapest Convention on Cybercrime and has been invited to accede to the convention, which facilitates information exchanges between different jurisdictions for investigating cybercrimes.

Conclusion

Financial institutions in Brazil are stepping up their cybersecurity measures as incidents rise, driven by regulatory guidelines and regulations established by agencies such as BACEN, CVM, and CMN. The country is also increasing international cooperation on cybersecurity through its membership in the Budapest Convention on Cybercrime.