Financial Crime World

Oman Banks and Financial Firms Mandated to Strengthen Cyber Security Measures

New Regulatory Framework Issued by Central Bank of Oman

On September 23, 2023, the Central Bank of Oman (CBO) issued a new regulatory framework requiring licensed banks and financial institutions to strengthen their cybersecurity measures. This move aims to bolster the country’s financial sector against growing cyber threats.

Key Requirements

The regulations apply to banks, financing and leasing companies, payment service providers, money exchange companies, and other financial institutions operating in Oman. The framework is structured around six key pillars, or “Control Domains,” which include:

  • Governance: Establishing a clear organizational structure for cybersecurity management
  • Compliance & Audit: Conducting regular audits to ensure compliance with regulatory requirements
  • Technology & Operations: Implementing robust technology and operational controls to prevent cyber attacks
  • Third Party Supply Chain Management: Ensuring that third-party vendors meet minimum cybersecurity standards
  • Online Financial Services: Protecting online financial services from cyber threats
  • Risk Management: Identifying, assessing, and mitigating cybersecurity risks

These measures aim to safeguard critical assets and operations from cyber attacks, as well as prevent potential disruptions to the financial sector.

Growing Concerns Over Cyber Threats

The CBO’s move comes against a backdrop of growing concerns over the increasing frequency and sophistication of cyber-attacks targeting financial institutions globally. According to the Central Bank’s latest Financial Stability Report 2023, Oman’s financial sector remains vulnerable to such threats despite having avoided significant disruptions in recent years.

  • Global Attacks Surge: Global attacks on financial institutions surged by a staggering 46% in 2022 compared to the previous year.
  • Oman Remains Vulnerable: The Central Bank warned that Oman’s financial sector, while relatively secure, remains vulnerable to cyber threats.

Digital Transformation and Cyber Vigilance

As Oman continues its digital transformation journey, incorporating fintech and electronic payment systems, the need for heightened cyber vigilance is more pressing than ever. The country’s regulatory authorities are also preparing to authorize transactions involving crypto-currencies and virtual assets for the first time, which raises concerns over vulnerability to cyber fraud and other criminal activity.

Task Force Established

In response, the Central Bank has commissioned a task force to study the introduction of Central Bank Digital Currencies (CBDCs), while separate groups focus on other digital innovations. The authority emphasized that cyber security remains a top strategic priority, acknowledging Oman’s potential exposure to cyber risks despite its relatively good track record in recent times.

Conclusion

The regulatory framework is designed to ensure that financial institutions operating in Oman adopt robust cybersecurity measures, which will ultimately benefit the country’s financial sector and customers alike. As the battle against cyber threats continues to evolve, it remains essential for stakeholders to remain vigilant and proactive in safeguarding their operations and assets against potential threats.