Financial Crime World

Financial Institution Cybersecurity Measures in New Zealand Fall Short, Regulator Warns

The Financial Markets Authority (FMA) has recently released a report highlighting shortcomings in the cybersecurity and operational systems of financial services firms in New Zealand. The regulator has published an information sheet to help these entities enhance their technology and operational resilience, and meet relevant licence obligations.

Cyber Incidents on the Rise

According to the FMA, the financial sector recorded the highest number of reported cyber incidents across all industries for the quarter ended March 2022. Criminals are targeting financial services due to their perceived value, making it crucial that these institutions prioritize cybersecurity measures.

Shortcomings in Technology and Operational Systems

The regulator has identified underinvestment in technology and the use of unsupported or legacy systems as major concerns among licensed entities. This highlights the need for financial services firms to upgrade their systems and invest in modern technology to ensure they can meet their market services licensee obligations effectively.

Obligations for Licensed Entities

All firms licensed by the FMA must meet specific obligations, including:

  • Having adequate and effective systems, policies, processes, and controls in place
  • Ensuring IT systems used to deliver licensed market services are secure and reliable
  • Arranging to manage associated risks

Thematic Review of Cyber Resilience

The FMA published a thematic review of cyber resilience in regulated entities in 2019. This review outlined the regulator’s expectations around cybersecurity and operational resilience, emphasizing the importance of business continuity and technology systems for financial advice providers.

Urgent Action Required

The regulator is urging financial services firms to take steps to enhance their cybersecurity measures, including:

  • Investing in modern technology
  • Implementing robust risk management strategies

With the increasing threat of cyber attacks, it is crucial that these institutions prioritize the security and reliability of their IT systems to protect themselves and their customers from potential harm.