Financial Crime World

Burundi Finance Sector Under Threat from Cybercrime

The Burundi finance sector has become increasingly vulnerable to cyberattacks in recent years, with the risk of extreme losses from these incidents more than quadrupling since 2017. According to a recent report by the International Monetary Fund (IMF), the financial sector is uniquely exposed to cyber risk, with attacks on banks and other financial institutions accounting for nearly one-fifth of all reported cyberattacks.

The Threat Posed by Cybercrime

The threat posed by cybercrime in Burundi’s finance sector is significant, as attacks could potentially disrupt critical services such as payment networks and undermine trust in the financial system. In extreme cases, a severe incident could even lead to market selloffs or runs on banks. While no major “cyber runs” have occurred so far, modest deposit outflows have been observed at some smaller US banks following cyberattacks.

The Increasing Reliance on Third-Party IT Service Providers

The increasing reliance of financial firms on third-party IT service providers has also increased the sector’s exposure to system-wide shocks. A 2023 ransomware attack on a cloud IT service provider, for example, caused simultaneous outages at 60 US credit unions.

Strengthening Resilience in the Burundi Finance Sector

To strengthen resilience in the Burundi finance sector, authorities must develop an adequate national cybersecurity strategy accompanied by effective regulation and supervisory capacity. This should include:

  • Periodically assessing the cybersecurity landscape
  • Encouraging cyber maturity among financial firms
  • Improving cyber hygiene
  • Prioritizing data reporting and collection of cyber incidents
  • Sharing information among financial sector participants

International Cooperation

International cooperation is also essential to address cyber risk successfully, as attacks often emanate from outside a country’s borders and proceeds can be routed across borders. The IMF actively helps member countries strengthen their cybersecurity frameworks through policy advice and capacity-building activities.

Conclusion

The Burundi finance sector must take immediate action to address the growing threat of cybercrime and ensure the stability of the financial system. This includes developing a national cybersecurity strategy, improving cyber hygiene, and prioritizing data reporting and collection of cyber incidents.