Financial Crime World

Trinidad and Tobago’s Financial Institutions Exposed to Cybersecurity Risks, Experts Warn

Urgent Need for Strengthened Cybersecurity Measures

A recent technical assistance report has highlighted the pressing need for financial institutions in Trinidad and Tobago to enhance their cybersecurity measures. The report, released on April 17, 2023, identified several concerns that pose a threat to the country’s financial system.

Key Findings

  • Inadequate governance structures
  • Resource constraints
  • Lack of focus on payment systems other than SWIFT
  • Information technology (IT) governance responsibilities have comeled with the second line of defense
  • Information security function reports to the IT function

Central Bank of Trinidad and Tobago’s Cybersecurity Governance

The report noted that the Central Bank of Trinidad and Tobago’s (CBTT) cybersecurity governance is set up according to generally accepted practices, but there are still areas for improvement. Specifically:

  • The IAM project is currently in the preparatory stage
  • Project arrangements were found to be comparable to good practices observed elsewhere, but more work needs to be done to ensure its successful implementation

Regulatory Environment on Cyber

The report criticized the CBTT’s regulatory environment on cyber, noting that:

  • Instructions are part of several guidelines in an indirect way
  • There is no dedicated guidance on the subject
  • However, a seminar on cyber risk regulation held by the bank contributed to building capacity to draft a guideline on the topic

Recommendations for Strengthening Supervisory Practices

The report made recommendations for strengthening supervisory practices pertaining to cyber risk, including:

  • Addressing resource constraints
  • Conducting regular risk-based onsite examinations
  • Setting up offsite supervision capabilities

These recommendations aim to improve the overall cyber posture of both the CBTT and the financial institutions supervised by it.

Devastating Consequences if Left Unchecked

Experts warn that if left unchecked, these cybersecurity risks could have devastating consequences for Trinidad and Tobago’s financial system. The country’s financial institutions must take immediate action to address these concerns and ensure the safety and security of their customers’ data.

International Organization Urges Action

In light of these findings, the International organization is urging the government and financial institutions in Trinidad and Tobago to prioritize cybersecurity and take necessary steps to mitigate the identified risks.