Financial Crime World

Compliance Risks in Banking Sector Continue to Grow in Philippines

The Philippines’ banking sector has been a prime target for criminals, and the rapid shift to remote working has only accelerated threats. In this article, we will explore the growing compliance risks in the banking sector and the measures being taken to mitigate them.

Rising Compliance Risks in Banking Sector

According to the Bankers Association of the Philippines (BAP), losses from bank fraud during the pandemic reached P1 billion, with cybercrimes increasing threefold before the coronavirus outbreak. Despite efforts by financial institutions to strengthen their cybersecurity defenses, recent incidents have shown that complacency can be costly.

Recent Incidents

  • A recent hacking incident involving BDO and UnionBank of the Philippines, Inc. resulted in losses of P1.2 million, with potential losses exceeding P50 million had it not been detected.
  • Credit rating agencies such as S&P Global Ratings and Fitch Ratings have sounded the alarm on the growing threat of cyberattacks in Asia-Pacific, emphasizing the need for industry-wide collaboration and cross-border information sharing to strengthen cybersecurity.

Importance of Robust Fraud Management Systems

The Bangko Sentral ng Pilipinas (BSP) has emphasized the importance of robust fraud management systems, requiring supervised financial institutions (BSFIs) to implement automated and real-time fraud monitoring and detection systems. Failure to comply with these requirements can result in corrective actions, sanctions, and supervisory enforcement actions.

Credit Rating Agencies’ Concerns

  • Fitch Ratings considers cyber risk as a part of a bank’s broader risk control and risk profile, which translates to 10% of the total weight on the Viability Rating or standalone credit profile of a bank.
  • S&P Global Ratings predicts that cyber incidents will become more sophisticated and difficult to handle.

Vendor Risk Management Systems

The BSP has also emphasized the importance of vendor risk management systems and due diligence procedures for BSFIs that outsource business functions. The central bank continues to stretch its policy and supervisory reforms to engage banks and other financial institutions to strengthen their cybersecurity frameworks.

Digital Transformation Initiatives

  • Financial institutions are compelled to adopt and enhance their digital transformation initiatives, putting in place robust vendor risk management systems and integrating due diligence procedures to effectively manage third-party risk.
  • The BSP’s efforts to strengthen its cybersecurity frameworks and engage banks and other financial institutions will be crucial in mitigating the risks posed by cyberattacks.

Conclusion

With the growing complexity and criticality of outsourcing business functions, it is imperative for BSFIs to prioritize cybersecurity and ensure that their defenses are multi-layered and real-time. Failure to do so can result in costly losses and reputational damage. As the banking sector continues to evolve, it is essential that financial institutions prioritize cybersecurity and stay ahead of emerging threats to maintain trust and confidence with their customers.