Page 32 - Banking Finance May 2023
P. 32

ARTICLE


          Group 2: those that pose additional risks compared with  covers establishing common terminologies related to cyber
          Group 1. This includes all unbacked crypto assets along with  incidents and the proposal to develop a common format for
          any tokenised traditional assets and stablecoins that fail  incident reporting exchange (FIRE). Harmonised CIR schemes
          certain classification conditions. For group 2 crypto assets,  necessitate a common language and common definition and
          a bank's total exposure must not exceed 2% of Tier 1 capital  understanding of what constitutes a cyber incident, to avoid
          and should generally be lower than 1%.              over reporting of incidents. A review of incident reporting
                                                              templates and stocktake of authorities'  cyber incident
          The  new  standard  includes  description  of  how  the  reporting regimes indicated a high degree of commonality
          operational risk, liquidity, leverage ratio and large exposure  in the information requirements for cyber incident reports.
          requirements  would be applied to banks' crypto assets  Building on this, it is proposed to develop a common
          exposure.The FSB  has proposed a framework for the  reporting format that could be further considered among
          international regulation  of crypto assets activities.  It  financial institutions.
          observed that the turmoil in crypto assets market highlights
          their intrinsic volatility and structural vulnerabilities whereas  The BIS working paper on cyber risk in central banking has
          their interconnectedness with the traditional financial  highlighted phishing and social engineering as the most
          system is increasing. Its recommendations seek to promote  common methods of cyber-attacks related to central banks.
          international consistency on regulatory and supervisory  The growing adoption of cloud-based services as well as the
          approaches, which are grounded in the principle of "same  shift to remote work has key implications for cyber security
          activity, same risk, same regulation" approach.     strategies. In the absence of a well-defined perimeter, one
                                                              of the challenges of cloud adoption relates to information
          Financial Innovation and Financial Stability: The   security being threatened by lack of consistently applied
          IOSCO report on innovation facilitators (IFs) has highlighted  security controls. The BIS survey reveals that central banks
          the use of financial technology to enhance risk management,  have notably increased their investments in cyber security
          compliance, and supervision. It covers three types of IFs, viz.,  since 2020, giving priority to technical security control and
          innovation hubs, regulatory sandboxes and regulatory  resiliency and focussing on developing incident response
          accelerators. Innovation hubs and regulatory sandboxes may  plans. Major cyber shocks may exacerbate liquidity risk and
          provide regulators with additional market intelligence and  consequent fire-sale of assets for firms. Thus, cybersecurity
          can constitute a source for understanding potential risks and  measures and regulations are receiving greater attention
          mitigating elements. While establishing IFs, authorities  from policymakers.
          should undertake a comprehensive analysis of function,
          scope and structure along with potential impact on investor  Source:  University of Maryland  CISSM  Cyber Attacks
          protection, market integrity and financial stability. Test  Database.
          scenarios,expected outcomes and the target audience  Source:  University of Maryland  CISSM  Cyber Attacks
          should be properly defined, and authorities should engage  Database.
          with  key stakeholders, industry associations and  other
          relevant authorities to address regulatory barriers for 2. Domestic Regulatory Developments
          beneficial innovations.
                                                              The Financial Stability and Development Council (FSDC),
                                                              chaired by the Union Finance Minister, met on September
          Cyber  Risk  and  Financial  Stability:  The  FSB's  15, 2022.  The Council  deliberated  on  early  warning
          consultative document on cyber incident reporting has  indicators for the economy, improving the efficiency of the
          proposed greater convergence in cyber incident reporting  existing financial/ credit information systems,  issues  of
          (CIR) for enhancing cyber resilience of the financial system.  governance and management in systemically important
          It has set out recommendations to address  operational  financial institutions (SIFIs), strengthening the cyber security
          challenges  arising  from  the  process of collection of  framework in financial sector, common know-your-customer
          information as well as reporting of cyber incidents to  (KYC) for all financial services and related matters, status of
          multiple authorities, especially during the early stages of a  the account aggregator (AA) framework, issues relating to
          cyber incident when confidence may be low about the cause  financing of the power sector, the strategic role of the
          and probable impact of the incident. The consultation also  International Financial Services Centre (IFSC) in India, inter-

            30 | 2023 | MAY                                                                | BANKING FINANCE
   27   28   29   30   31   32   33   34   35   36   37