Financial Crime World

Central Bank of Oman Introduces New Regulatory Framework to Bolster Cybersecurity in Finance Sector

Oman - The Central Bank of Oman (CBO) has introduced a new regulatory framework to strengthen the cybersecurity measures of banks and financial institutions in the country.

Enhancing Cybersecurity Measures in Oman’s Financial Sector

In a statement, the Central Bank announced that the new regulations aim to ensure the resilience of financial institutions by implementing a “set of minimum requirements.” The framework applies to banks, financing and leasing companies, payment service providers, money exchange companies, falling under the jurisdiction of this legislation.

Six Key Pillars of Cybersecurity and Resilience

The new regulatory framework consists of six key pillars, which are categorized as ‘Control Domains’:

  1. Governance, Compliance & Audit: Ensuring that the organization has the necessary policies, procedures, and controls in place to effectively manage cybersecurity risks.
  2. Technology & Operations: Implementing and maintaining appropriate technology and operational controls to protect against cyber threats.
  3. Third Party Supply Chain Management: Ensuring that third-party vendors and service providers meet the required cybersecurity standards.
  4. Online Financial Services: Ensuring that online financial services are secure and have robust authentication and encryption mechanisms.
  5. Risk Management: Identifying, assessing, and managing cybersecurity risks.

Cybersecurity as a Strategic Priority

The Central Bank’s latest Financial Stability Report 2023 highlighted that cyber-risks pose significant risks to the financial sector. Although Oman’s financial sector has been relatively unscathed by cyber attacks in recent years, it was identified as a potential target due to the country’s increasing adoption of fintech and electronic payment systems. The report stated that the global financial industry experienced a 46% increase in cyber attacks in 2022 compared to figures from 2021.

The potential consequences of cyber attacks include loss of customer trust and potential harm to the financial sector. The Central Bank stated, “While Oman has not experienced any significant cyber disruptions to date, it, like any other jurisdiction, remains vulnerable. Cybersecurity remains a top strategic priority for the CBO.”

Vulnerability To Cyber Fraud and Other Malicious Activities

With the financial sector becoming an increasingly attractive target for international cyber gangs due to the substantial potential rewards for successful attacks, the Central Bank’s renewed focus on cybersecurity is crucial. The regulatory authorities, including the Central Bank and the Capital Market Authority (CMA), are preparing to authorize transactions involving crypto-currencies and other virtual assets for the first time. Vulnerability to cyber fraud and other malicious activities is a significant concern.

The Central Bank is also considering the roll-out of new digital products, such as Central Bank Digital Currencies (CBDCs), and has commissioned task forces and separate groups to study their implementation. “As we embrace digital innovation in the financial sector, it is essential that we maintain robust cybersecurity measures to protect both institutions and customers,” said a Central Bank spokesperson.