Search Results

You are looking at 1 - 10 of 11 items for :

  • "cybersecurity risk oversight" x
Clear All
International Monetary Fund. Monetary and Capital Markets Department

Cybersecurity Risk Oversight (Banxico) Banxico should develop and issue regulatory requirements, based on the CPMI-IOSCO guidance and its cyber strategy, for the FMIs under its oversight mandate, including SPEI (¶61). I Banxico Banxico should follow a more structured and comprehensive process for cyber risk oversight. This includes utilizing a portfolio of tools and techniques to assess measures used to address cyber risk against set requirements, reaching clear conclusions, and identifying specific remedial measures or thematic findings. Such assessments

International Monetary Fund. Monetary and Capital Markets Department

framework. They are also encouraged to strengthen the oversight of banks’ liquidity and funding risks and close data gaps. Remaining weaknesses in the effectiveness of AML/CFT supervision should be addressed. While Norway’s cybersecurity risk mitigation framework is advanced, cybersecurity risk oversight of payment systems should be further intensified. 1 The Financial Sector Assessment Program (FSAP), established in 1999, is a comprehensive and in-depth assessment of a country’s financial sector. FSAPs provide input for Article IV consultations and thus enhance

International Monetary Fund. Monetary and Capital Markets Department

cybersecurity risk framework is advanced, cybersecurity risk oversight of payment systems should be intensified. Approved By James Morsink Philip Gerson Prepared By Monetary and Capital Markets Department This report was prepared in the context of the Financial Sector Assessment Program (FSAP) missions that visited Norway during October 2019 and January–February 2020. The FSAP findings were discussed with the authorities. An IMF team visited Norway during October 9–29, 2019 and January 28–February 13, 2020 to conduct an assessment under the Financial

International Monetary Fund. Monetary and Capital Markets Department
Much of the work of the Financial Sector Assessment Program (FSAP) was conducted prior to the COVID-19 pandemic, with the missions ending on February 13, 2020. Given the FSAP’s focus on medium-term challenges and vulnerabilities, however, its findings and recommendations for strengthening policy and institutional frameworks remain pertinent. The report was updated to reflect key developments and policy changes since the mission work was completed. It also includes a risk analysis that quantifies the possible impact of the COVID-19 crisis on bank solvency. Since the previous FSAP in 2015, the Norwegian authorities have taken welcome steps to strengthen the financial system. Regulatory capital requirements for banks were raised and actions were taken to bolster the weak capital position of insurers. Alongside other macroprudential measures, temporary borrower-based measures for residential mortgages were introduced, which seem to have had some moderating impact on segments of the housing market. The resolution framework was also strengthened, with the implementation of the Bank Recovery and Resolution Directive (BRRD) and the designation of Finanstilsynet (FSA) as the resolution authority.
International Monetary Fund. Monetary and Capital Markets Department

a clear description of how off-site supervision on cybersecurity should be conducted, and how assessments influence the overall risk assessments of institutions by the general supervisors. The FSA is also encouraged to issue additional enforceable guidance to the supervised institutions on IT/cybersecurity risk and to increase the intrusiveness of on-site cybersecurity risk inspections. 54. Norges Bank’s cybersecurity risk oversight of payment systems should be intensified . Following a more structured and comprehensive approach to cybersecurity risk would also

International Monetary Fund. Monetary and Capital Markets Department

On behalf of the Norwegian authorities, we would like to thank staff for the Financial System Stability Assessment (FSSA) report on the Norwegian financial system and the valuable discussions we have had over the last year. Although the coronavirus has changed the economic and financial outlook significantly, most of the recommendations will still be valid after the pandemic has subsided. The Norwegian authorities note in particular that the report concludes that Norway has taken welcome steps to strengthen the financial system since the last FSAP. At the same time, we agree that several vulnerabilities and challenges remain. The analyses and policy recommendations are valuable inputs to the authorities’ work on improving the robustness of the Norwegian financial system.

International Monetary Fund. Monetary and Capital Markets Department

, supported by adequate tools. This can help to avoid blind spots in assessments over time and can, combined with the usage of intrusive on-site examination techniques, increase the level of assurance regarding the cyber-resilience of the financial sector. Further clarification could be added to the role of ICT/cybersecurity risk assessments in the overall supervisory assessment of an institution and on the influence on decisions regarding supervisory measures. Cybersecurity risk oversight should be intensified, and more emphasis should be given to critical service

International Monetary Fund. Monetary and Capital Markets Department
The Norwegian financial system has a long history of incorporating new technology. Norway is at the forefront of digitization and has tight interdependencies within its financial system, making it particularly vulnerable to evolving cyber threats. Norway is increasingly a cashless society, with surveys and data collection suggesting that only 10 percent of point-of-sale and person-to-person transactions in 2019 were made using cash.1 Most payments made in Norway are digital (e.g., 475 card transactions per capita per annum)2 and there is an increase in new market entrants providing a broad range of services. Thus, good cybersecurity is a prerequisite for financial stability in Norway.
International Monetary Fund. Monetary and Capital Markets Department

Cybersecurity Risk Oversight Expedite the adoption of the revised National Payment Systems Act to establish explicit regulatory, supervisory and oversight powers for the SARB. ST Formalize the cyber resilience frameworks for all systemically important FMIs with metrics for benchmarking. MT Monitor the compliance of SAMOS and SADC-RTGS participants with the mandatory controls of the SWIFT Customer Security Program, and ensure self-attestations are audited. I Assess all FMI critical service providers against the CPMI-IOSCO Assessment Methodology

International Monetary Fund. Monetary and Capital Markets Department
Cybersecurity risk continues to grow both in complexity and severity and is a function of an increasingly open and interconnected cyber and financial ecosystem. The South African financial system has a long history of incorporating technology and as for many financial systems across the globe, digitalization has become a strategic priority. For risk management to keep pace with the dynamic nature of cyber threats and threat agents, systemically important financial institutions (SIFIs) have made substantial investments in cyber resilience programs (e.g., establishing cyber strategies, frameworks, and governance structures). Consistent with many jurisdictions, and partly a result of widespread remote working arrangements implemented in response to the global pandemic, cybersecurity threats to financial stability increased. However, high standards of risk management meant threats did not materialize into significant losses and/or disruptions.