Regulators concerned about cyber attacks on financial services
Cyber regulation in Asia Pacific Deloitte report
According to Deloitte's Cyber regulation in
Kevin Nixon, Global & Asia-Pacific Leader, Centre for Regulatory Strategy, Deloitte said: "The financial system relies on confidentiality of data, protection of deposits, and provision of critical services. All of this has come under threat given the increase recently in the frequency of cyber-attacks.
“As financial institutions become more data-driven digital businesses and more financial services are delivered online, cyber risks are increasing. If these cyber risks and responses are not well managed, they could threaten the stability of the financial system.
“We believe that this means only those financial institutions with robust cyber security and cyber risk management will be able to maintain trust and enhance their competitive edge to retain customers."
In response to these risks, regulators are considering appropriate standards and supervisory tools, and are actively urging firms to enhance capabilities so as to address these emerging threats. The Deloitte Cyber regulation in
Varied regulatory approaches
Although cyber threats cut across borders, regulatory approaches to cyber risk in
The need to defend against outsourcing risk is an emerging and growing area of concern, in particular for those economies where IT services are widely contracted out to jurisdictions with weaker cyber security regimes.
Lack of human resources capabilities
The fact that financial institutions operating in
The Deloitte's report provides insights into developing a framework for overcoming these challenges and for strengthening cyber resilience.
James Nunn-Price, Asia-Pacific Cyber Risk Leader, Deloitte said: "Cyber-attacks are inevitable, and once regulators and organisations accept this, they can focus on building holistic, dynamic,
“Strategies that enhance security will enable organisations to stay vigilant for emerging threats, and ensure a flow of insights through to the cyber ecosystem and attract senior support and oversight, will be the ones that best position financial institutions to stay ahead of regulatory expectations."
Beyond this, industry and regulators should work together to further the development of cyber skills and expertise, to foster common standards and approaches, to support information sharing and to facilitate coordinated responses to incidents and attacks.
For more information, please visit the Deloitte Asia Pacific Centre for Regulatory Strategy and Deloitte Cyber Intelligence Centre.