Financial Crime World

Cybercrime in Finance Sector Plagues Trinidad and Tobago, Experts Warn

=====================================================

A recent technical assistance report has highlighted the growing concerns over cybercrime in Trinidad and Tobago’s finance sector. The report, compiled by international experts, identified several areas of concern that leave financial institutions in the country vulnerable to cyber attacks.

Weak Cybersecurity Governance at Central Bank of Trinidad and Tobago (CBTT)

The report noted that the CBTT’s cybersecurity governance structure is not adequately separating IT governance responsibilities from its second line of defense. This leads to a lack of focus on payment systems other than SWIFT. Additionally, the information security function reports directly to the IT function, rather than having an independent reporting line.

Identity and Access Management (IAM) Project

The report also noted that the IAM project at the CBTT is still in the preparatory stage, despite being comparable to good practices observed elsewhere.

Regulatory Environment for Cyber Risk

Furthermore, the regulatory environment for cyber risk in Trinidad and Tobago lacks a dedicated guidance document. Instructions on the subject are scattered throughout several guidelines, making it challenging for financial institutions to stay compliant.

Consequences of Weaknesses

Experts warn that these weaknesses leave financial institutions in the country vulnerable to cyber attacks, which could have serious consequences for the stability of the financial system. The report recommends strengthening the cyber posture of the CBTT and supervised financial institutions by:

  • Addressing resource constraints
  • Conducting regular risk-based onsite examinations
  • Setting up offsite supervision capabilities

Recommendations

To strengthen supervisory practices and ensure that financial institutions in Trinidad and Tobago are adequately prepared to mitigate the growing threat of cybercrime, more needs to be done. This includes:

  • Building capacity among regulators to draft a guideline on cyber risk regulation
  • Conducting regular training and awareness programs for financial institution employees
  • Implementing robust cybersecurity measures to protect systems and data

Response from Central Bank of Trinidad and Tobago

In response to the report’s findings, a spokesperson for the Central Bank of Trinidad and Tobago stated that the institution is committed to strengthening its cybersecurity measures and working with regulators to develop guidelines on cyber risk. The bank has already taken several steps to improve its cybersecurity posture, including:

  • Updating policies and procedures to align with international best practices
  • Implementing robust cybersecurity measures to protect systems and data

Conclusion

Despite these efforts, experts say that more needs to be done to address the growing threat of cybercrime in Trinidad and Tobago’s finance sector. With the stakes so high, it is imperative that financial institutions take a proactive approach to cybersecurity to ensure the stability and integrity of the financial system.