Financial Crime World

ECB Warns of Cyber Risks and Governance Deficiencies in European Banking Sector

A Call for Action: Addressing Critical Risks and Vulnerabilities in Banks’ Operations

In a recent speech at the European Banking Federation’s online conference on “Cyber Security and Resilience: The Basis of it All in Digital Innovation”, Pentti Hakkarainen, Member of the Supervisory Board of the European Central Bank (ECB), emphasized the need for banks to address critical risks and vulnerabilities in their operations.

Six Key Processes Relying on End-of-Life Systems

Hakkarainen highlighted that six key processes in banks rely on end-of-life systems that require significant IT investments to mitigate associated risks. However, these investments may be delayed due to current market conditions.

Thematic Review Identifies Weaknesses in IT Risk Management and Data Quality Management

A thematic review of IT risks conducted by the ECB identified weaknesses in IT risk management and data quality management as areas where banks need to improve.

Importance of Strong Internal Governance and Strategic Steering

Hakkarainen emphasized the importance of strong internal governance and strategic steering for banks to effectively address the challenges posed by the COVID-19 pandemic. He noted that the pandemic has exposed pre-existing vulnerabilities in banks’ governance frameworks, including difficulties with risk data aggregation and reporting accuracy, which hampers strategic decision-making and risk monitoring.

Need for Better Integration of Risk Appetite Frameworks

The ECB official also warned about the need for better integration of risk appetite frameworks into risk management practices and decision-making processes. He noted that insufficient oversight by management bodies of operational and risk management decisions made to deal with the crisis may expose banks to money laundering and terrorist financing risks.

Harmonization of EU Regulatory Framework and Completion of Banking Union

In addition to cyber risks and governance deficiencies, Hakkarainen highlighted the need for further harmonization of the EU regulatory framework and the completion of the banking union to increase the efficiency and resilience of the EU banking sector. He also stressed the importance of establishing a European deposit insurance scheme (EDIS) and improving crisis management frameworks.

Conclusion

The ECB official concluded by emphasizing the need for banks and supervisors to be agile and flexible in response to rapidly changing economic conditions, citing the example of the ECB’s ability to adapt its supervisory priorities in 2020.