Financial Crime World

Here is the rewritten article in markdown format:

Chad’s Finance Industry Exposed to Rising Cybercrime Threats

The Central African Republic’s finance industry has been hit by a surge in cyberattacks, with losses more than doubling since the pandemic. While companies have historically suffered relatively modest direct losses from cyberattacks, some have experienced a much heavier toll.

The Growing Risk of Extreme Losses

The risk of extreme losses from cyber incidents is increasing, and the financial sector is uniquely exposed to this threat. Financial firms, given their handling of sensitive data and transactions, are often targeted by criminals seeking to steal money or disrupt economic activity.

Attacks on Financial Firms

Attacks on financial firms account for nearly one-fifth of total cyberattacks, with banks being the most exposed. Incidents in the financial sector could threaten financial and economic stability if they erode confidence in the system, disrupt critical services, or cause spillovers to other institutions.

Examples of Cyber Incidents

  • A severe incident at a financial institution could undermine trust and lead to market selloffs or runs on banks.
  • Modest and persistent deposit outflows have occurred at smaller US banks after a cyberattack, according to our analysis.
  • A December attack at the Central Bank of Lesotho disrupted the national payment system, preventing transactions by domestic banks.

The Role of Third-Party IT Service Providers

The financial industry’s increasing reliance on third-party IT service providers and artificial intelligence also exposes it to systemwide shocks. For example, a 2023 ransomware attack on a cloud IT service provider caused simultaneous outages at 60 US credit unions.

Addressing Cyber Risks

To address these growing cyber risks, policymakers and governance frameworks must keep pace with the global financial system’s digitalization and geopolitical tensions. Private incentives may be insufficient to address cyber risks, and public intervention may be necessary.

The Need for Effective Regulation and Supervision

According to an IMF survey of central banks and supervisory authorities, cybersecurity policy frameworks in emerging market and developing economies often remain insufficient. For example, only about half of countries surveyed had a national, financial sector-focused cybersecurity strategy or dedicated cybersecurity regulations.

Strengthening Resilience in the Financial Sector

To strengthen resilience in the financial sector, authorities should develop an adequate national cybersecurity strategy accompanied by effective regulation and supervisory capacity that encompasses:

  • Periodically assessing the cybersecurity landscape
  • Encouraging cyber maturity among financial sector firms
  • Improving cyber hygiene
  • Prioritizing data reporting and collection
  • Sharing information among financial sector participants

International Cooperation is Imperative

International cooperation is also imperative to address cyber risk successfully. While cyber incidents will occur, the financial sector needs the capacity to deliver critical business services during disruptions.

Developing Response and Recovery Procedures

Financial firms should develop and test response and recovery procedures, and national authorities should have effective response protocols and crisis management frameworks in place.