Financial Crime World

Cybersecurity Threats Loom Large for Oman’s Financial Institutions

The Central Bank of Oman (CBO) has issued a new regulatory framework mandating banking and financial institutions to strengthen their cybersecurity measures against growing threats. This move comes as Oman’s financial sector faces significant risks, with the CBO warning that it is vulnerable to cyber-attacks despite having been spared major disruptions in recent years.

New Regulatory Framework

Under the new framework, banks, financing companies, leasing firms, payment service providers, and money exchange companies are required to meet a set of minimum requirements to build resilience against cybersecurity risks. The regulatory body has outlined six key pillars or “Control Domains” for security precautions:

  • Governance: Establishing a strong governance structure for cybersecurity
  • Compliance & Audit: Ensuring compliance with regulations and conducting regular audits
  • Technology & Operations: Implementing robust technology and operational controls
  • Third Party Supply Chain Management: Managing third-party relationships to minimize risks
  • Online Financial Services: Protecting online financial services from cyber threats
  • Risk Management: Identifying, assessing, and mitigating cybersecurity risks

Growing Cyber Threats

The CBO’s decision comes on the heels of a 46% spike in cyber-attacks targeting financial institutions globally in 2022. The regulator warned that Oman’s financial sector is not immune to these threats, despite its relatively low incidence of major disruptions. The country’s increasing adoption of fintech and electronic payment systems as part of its digital transformation has also made it a more attractive target for cybercriminals.

Prioritizing Cybersecurity

“The need for heightened cyber vigilance is critical given the global surge in cyber-attacks,” said the CBO in its Financial Stability Report 2023. “Oman has not experienced significant disruptions from cyber risks, but it is vulnerable to such threats. Cybersecurity remains a top strategic priority for us.”

Authorizing Crypto-Currencies and Virtual Assets

The CBO’s move is also seen as a response to Oman’s plans to authorize transactions involving crypto-currencies and virtual assets for the first time. The country’s regulatory authorities are currently formulating a framework regulating these new assets and service providers.

Exploring Digital Innovations

Meanwhile, the Central Bank itself is exploring the introduction of digital products, including Central Bank Digital Currencies (CBDCs). A task force has been commissioned to study the roll-out of CBDCs, while separate groups are focused on other digital innovations. With cyber threats looming large over Oman’s financial institutions, the need for robust cybersecurity measures has never been more pressing.

Conclusion

The new regulatory framework and increased focus on cybersecurity are crucial steps in protecting Oman’s financial sector from growing threats. As the country continues to adopt fintech and digital payment systems, it is essential that financial institutions prioritize cybersecurity to ensure the stability and security of the financial system.