Central banks said on Wednesday that limiting operational risks in the financial sector "is a cause for concern both for regulators and the industry." In this semester's financial stability report, the agency reports that in recent years the risks associated with cyber security have become more significant. "Although cyber risks together with other operational risks, potentially affecting the continuity of financial services, it may be related to more far-reaching risks to financial stability, such as involving financial assets or theft of information that may directly endanger this kind of attack on victims," said the institution .
In recent years, he said that there are more and more cases of cybercrime violations by financial institutions in various jurisdictions, and in a number of cases there are significant consequences. "At the local level, the cyber attacks that the Chilean Bank suffered on May 24, as well as the Banco Consorcio's November 6 reports, show that our financial system has not been freed from these events," he said.
Financial stability and problems in Chile
In this regard, he pointed out that there are at least five cases where the implementation of cyber-security risks could jeopardize financial stability. First, cyber-attacks can cause disturbances in the financial services of affected institutions, whether they are banking or financial infrastructure. Due to the interconnection of these companies, the breaks could ultimately be spread to the rest of the financial system. Secondly, cyber-attacks can stop the flow of conventional payments affecting other institutions, including financial market infrastructures, through the High-Value Payment System (SEA). Because of their origins, these two channels are primarily related to the traditional concept of cyber security as operational risk. Thirdly, cybercrime can cause loss of financial information critical information, including sensitive customer information. Fourth, they may weaken the financial institution's financial position as a result of theft of funds. Fifth, cybercrime can reduce the trust of agents in the security of the financial system.
"For example, a cyber attack on low-value payment systems undermines the trust of participants, hindering transactions and ultimately affecting financial performance.
Indeed, the impact on financial stability will depend on factors such as the size of the attack, the size of the affected institutions and their ability to respond to normal operations, "he concluded.
In this context, he stated that some of the future tasks for regulators to refine, revise the regulatory and supervisory framework for operational risk management and cyber security. "The foregoing may include adding more details to the rules in order to minimize discretion in the implementation of measures, termination of claims in accordance with international standards and best practices, and the treatment of transboundary risks and impacts on other institutions," he said.
On the other hand, he noted that "there is a need to improve cyber-security risk monitoring and monitoring. This implies a new metrics analysis that allows them to be properly identified and evaluated. It should also be considered if their supervisory capacity is adequate or to be improved or created. .
Finally, it is important that financial institutions in the private sector are kept under review when the cyber-security risks to which they are exposed are well managed. This is because they not only answer their customers for the commitments they have made with them but also form part of a highly interconnected system. For the rest, it is in the interests of ourselves to adequately protect our resources and information, as the costs of implementing these risks are high and reputable.