Financial Crime World

Central Bank Issues Guidance on IT and Cyber Security Risks in Financial Services

The Central Bank has recently issued new guidance aimed at helping financial services firms better manage IT and cyber security risks. The guidance emphasizes the importance of ensuring that outsourcing arrangements do not compromise effective supervision by the Central Bank, as well as keeping up-to-date with evolving IT risks and best practices.

Effective Supervision through Outsourcing Arrangements

The guidance stresses the need for financial services firms to monitor potential concentration risks in their outsourcing arrangements. This includes identifying a small number of service providers and taking action if necessary to mitigate potential risks. The goal is to ensure that outsourcing arrangements do not compromise effective supervision by the Central Bank.

IT Risks Present Ongoing Challenges

The guidance also highlights the increasing importance of IT and cyber security in the financial services sector, citing recent high-profile attacks such as the attempted theft of $951 million from Bangladesh’s central bank. The spokesperson for the Central Bank noted that “IT risks present ongoing challenges for financial services firms, both because of the increasing importance of technological developments in the sector and the increasing sophistication of criminal attacks.”

Best Practices for IT and Cyber Security

The guidance advises financial services firms to keep up-to-date with evolving IT risks and best practices, including:

  • The EU’s Network and Information Security Directive, which will apply from May 2018
  • Reviewing data protection policies and procedures in anticipation of the General Data Protection Regulation’s entry into effect next year
  • Keeping up-to-date with emerging trends and threats in the field

Key Takeaways

  • Financial services firms must monitor potential concentration risks in outsourcing arrangements and take action if necessary.
  • Firms must ensure that outsourcing arrangements do not compromise effective supervision by the Central Bank.
  • The increasing importance of IT and cyber security in the financial services sector presents ongoing challenges for firms.
  • Firms should keep up-to-date with evolving IT risks and best practices, including the EU’s Network and Information Security Directive.

For Further Information

Contact McCann FitzGerald at inquiries@mccannfitzgerald.com or visit their website at www.mccannfitzgerald.com.