Financial Crime World

Monaco’s Finance Industry Under Fire from Cybercrime Epidemic

The financial sector in Monaco is facing a severe cybercrime epidemic, with the number of attacks more than doubling since the pandemic. The consequences of these incidents could be devastating, with potential funding problems and even solvency risks on the horizon.

Rising Threats to Financial Firms

  • The size of extreme losses has quadrupled to $2.5 billion since 2017
  • Indirect losses such as reputational damage or security upgrades are substantially higher
  • Financial firms in Monaco, which handle large amounts of sensitive data and transactions, are particularly vulnerable to cybercrime

Consequences of Cyberattacks on the Financial Sector

  • Erosion of confidence in the system
  • Disruption of critical services
  • Spillovers to other institutions
  • Market selloffs or runs on banks, as seen in a recent example where modest and persistent deposit outflows occurred at smaller US banks after a cyberattack

The Role of Third-Party IT Service Providers

  • Increased reliance on third-party IT service providers has increased the risk of systemwide shocks
  • A 2023 ransomware attack on a cloud IT service provider caused simultaneous outages at 60 US credit unions

Strengthening Resilience in the Financial Sector

  • Develop an adequate national cybersecurity strategy accompanied by effective regulation and supervisory capacity
  • Periodically assess the cybersecurity landscape
  • Encourage cyber “maturity” among financial firms
  • Improve cyber hygiene
  • Prioritize data reporting and collection
  • Promote international cooperation to address cyber risk successfully

International Cooperation is Key

  • The International Monetary Fund (IMF) has actively helped member countries strengthen their cybersecurity frameworks through policy advice and capacity-building activities
  • As attacks often emanate from outside a country’s borders and proceeds can be routed across borders, international cooperation is imperative to address cyber risk effectively

Building Resilience in the Face of Cyber Incidents

  • Financial firms should develop and test response and recovery procedures
  • National authorities should have effective response protocols and crisis management frameworks in place
  • The financial sector needs the capacity to deliver critical business services during disruptions