Narrow Your Choices

Refine By Countries

Refine By Series

Refine By Language

Refine By Date

—

Refine By IMF Taxonomy

Refine By JEL Taxonomy

Refine by LOC Taxonomy

Refine By THEMA Taxonomy

  • Print
  • Save

Computers > Online Safety & Privacy

You are looking at 1 - 10 of 16 items for

  • Type: Journal Issue x
Clear All Modify Search
Cover IMF Staff Country Reports
Mexico: Financial Sector Assessment Program-Technical Note on Cyber Resilience and Financial Stability
International Monetary Fund. Monetary and Capital Markets Department
Mexico’s financial system is digitalizing rapidly, increasing exposure to cyber risk. As in other jurisdictions, internet and mobile banking users in Mexico have increased substantially, but cyber incidents have also surged in recent years. The tight interdependencies within its financial system, and beyond, make Mexico vulnerable to evolving cyber threats. Thus, the Financial System Stability Council (CESF) has recognized cyber as a risk with potential to impact financial stability.
Keywords:
information security; financial system Stability Council; cybersecurity risk supervision; Banco de México; supervision of participant; simulation exercise; payment system oversight function; Cyber risk; Financial sector; Financial sector stability; Infrastructure; PFM information systems; Global
Cover IMF Staff Country Reports
Ireland: Financial Sector Assessment Program-Technical Note on Oversight of Fintech
International Monetary Fund. Monetary and Capital Markets Department
Ireland’s fintech sector is growing in importance through the entry of innovative new players and digital transformation of incumbents’ business models and products. The Irish Government has adopted an action plan for the development of Ireland’s international financial services sector that includes several initiatives of relevance to fintech. Meanwhile, the Central Bank of Ireland (the Central Bank), the integrated financial services regulator, engages with new entrants with a view to securing consumer interests and safeguarding the resilience of the financial system, thereby harnessing the benefits of fintech while managing additional risks it may generate. The largest sub-sector is represented by payment and e-money institutions (PIEMIs). Recent data show most Irish adults are using digital payments multiple times a week, while 24 percent use their mobile phone for contactless payments. Ownership of crypto-assets is also on the rise, especially among young adults. Beyond payments and crypto-assets, fintech activities are developing on a smaller scale in areas such as insurance and investment management. Meanwhile, the importance of market support firms, including cloud service providers (CSPs), continues to grow.
Keywords:
central bank of Ireland; support firm; markets authority; host regulator; customer base; Fintech; Virtual currencies; Financial sector; Anti-money laundering and combating the financing of terrorism (AML/CFT); Global; Cyber risk
Cover IMF Staff Country Reports
South Africa: Financial Sector Assessment Program-Technical Note on Cybersecurity Risk Supervision and Oversight
International Monetary Fund. Monetary and Capital Markets Department
Cybersecurity risk continues to grow both in complexity and severity and is a function of an increasingly open and interconnected cyber and financial ecosystem. The South African financial system has a long history of incorporating technology and as for many financial systems across the globe, digitalization has become a strategic priority. For risk management to keep pace with the dynamic nature of cyber threats and threat agents, systemically important financial institutions (SIFIs) have made substantial investments in cyber resilience programs (e.g., establishing cyber strategies, frameworks, and governance structures). Consistent with many jurisdictions, and partly a result of widespread remote working arrangements implemented in response to the global pandemic, cybersecurity threats to financial stability increased. However, high standards of risk management meant threats did not materialize into significant losses and/or disruptions.
Keywords:
IMF-World Bank Financial Sector Assessment Program; payment system management body; securities commission; cybersecurity risk; FSAP's finding; committee on payment; clearing house; Cyber risk; Financial sector; PFM information systems; Operational risk; Payment systems; Africa; Global
Cover IMF Staff Country Reports
United Kingdom: Financial Sector Assessment Program-Some Forward Looking Cross-Sectoral Issues
International Monetary Fund. Monetary and Capital Markets Department
The United Kingdom faces significant money laundering threats from foreign criminal proceeds, owing to its status as a global financial center, but the authorities have a strong understanding of these risks. The authorities estimated the realistic possibility of hundreds of billions of pounds of illicit proceeds being laundered in their jurisdiction. The money laundering risks facing the United Kingdom include illicit proceeds from foreign crimes such as transnational organized crime, overseas corruption, and tax crimes. Financial services, trust, and company service providers (TCSPs), accountancy and legal sectors are high-risk for money laundering, with also significant emerging risks coming from cryptoassets. Some Crown Dependencies (CDs) and British Overseas Territories (BOTs) have featured in U.K. money laundering investigations. Brexit and COVID pandemic have an impact upon the money laundering risks in the United Kingdom. The authorities nevertheless have demonstrated a deep and robust experience in assessing and understanding their ML/TF risks. Leveraging technology tools such as big data and machine learning to analyze cross-border payments may add further dimension to their risk assessments. This technical note (TN) will focus on key aspects of the United Kingdom’s anti-money laundering and countering the financing of terrorism (AML/CFT) regime: risk-based AML/CFT supervision, entity transparency and international cooperation.
Keywords:
information sharing; financial services markets act; infrastructure regulation; resilience Group; framework review; prudential regulation committee; NIST cyber security framework; Anti-money laundering and combating the financing of terrorism (AML/CFT); Cyber risk; Global
Cover IMF Working Papers
Operational Resilience in Digital Payments: Experiences and Issues
Mr. Tanai Khiaonarong, Mr. Harry Leinonen, and Ryan Rizaldy
Major operational incidents in payment systems suggest the need to improve their resiliency. Meanwhile, as payment infrastructures become more digitalized, integrated, and interdependent, they require an even higher degree of resilience. Moreover, risks that could trigger major disruptions have become more acute given the rise in power outages, cyber incidents, and natural disasters. International experiences suggest the need to strengthen reliability objectives, redundancies, assessment of critical service providers, endpoint security, and alternative arrangements
Keywords:
Operational resilience; payment systems; risks; disasters; business continuity; disruption scenario; payment infrastructure; business continuity arrangement; tandem payment processing design; payments experience; Payment systems; Operational risk; Cyber risk; Natural disasters; Infrastructure; Global
Cover IMF Working Papers
Central Bank Risk Management, Fintech, and Cybersecurity
Mr. Ashraf Khan and Majid Malaika
Based on technical assistance to central banks by the IMF’s Monetary and Capital Markets Department and Information Technology Department, this paper examines fintech and the related area of cybersecurity from the perspective of central bank risk management. The paper draws on findings from the IMF Article IV Database, selected FSAP and country cases, and gives examples of central bank risks related to fintech and cybersecurity. The paper highlights that fintech- and cybersecurity-related risks for central banks should be addressed by operationalizing sound internal risk management by establishing and strengthening an integrated risk management approach throughout the organization, including a dedicated risk management unit, ongoing sensitizing and training of Board members and staff, clear reporting lines, assessing cyber resilience and security posture, and tying risk management into strategic planning.. Given the fast-evolving nature of such risks, central banks could make use of timely and regular inputs from external experts.
Keywords:
IMF Risk Management TA; risk landscape; B. IMF AIV; IMF surveillance; case example; Fintech; Central bank risk management; Cyber risk; Operational risk; Global; Middle East and Central Asia; Asia and Pacific; Western Hemisphere; Eastern Europe
Cover Staff Discussion Notes
Cyber Risk and Financial Stability: It’s a Small World After All
Frank Adelmann, Ms. Jennifer A. Elliott, Ibrahim Ergen, Tamas Gaidosch, Nigel Jenkinson, Mr. Tanai Khiaonarong, Anastasiia Morozova, Nadine Schwarz, and Christopher Wilson
The ability of attackers to undermine, disrupt and disable information and communication technology systems used by financial institutions is a threat to financial stability and one that requires additional attention.
Keywords:
Cyber risk; Cybersecurity; Financial regulation; operational resilience; risk management; information sharing; market infrastructure; sharing of information; cybercrime support services; evolution of cyberattack; Financial sector stability; Financial sector risk; Financial stability assessment; Financial sector; Global
Cover IMF Staff Country Reports
Belize: Technical Assistance Report—Cybersecurity, Regulation, Supervision, and Resilience
International Monetary Fund. Monetary and Capital Markets Department
Cybersecurity risk is embedded in the CBB’s supervisory framework, but additional enhancements are needed to formalize guidance and develop more intensive supervisory practices. Supervisory expectations on cybersecurity are presented in an informal guidance note, which should be formalized into regulation to ensure enforceability; and an IT/cybersecurity supervisory manual should be developed to promote effective and consistent practices. With its principle-based guidance note, the CBB highlights its priorities in strengthening the cybersecurity posture of Belizean financial institutions. The principles are an appropriate interpretation of international best practices on incident prevention, detection, response, and recovery measures, adapted to the cyber maturity of the Belizean financial institutions, and can be used as a foundation for the formalized guidelines. The manual could emphasize the review of cybersecurity strategies, policies, and responsibility specifications and should address obtaining assurance on the effectiveness of the financial institutions’ processes for cyber risk identification, assessment, and mitigation.
Keywords:
ISCR; CR; risk management; self-assessment guidance; cybersecurity governance; cybersecurity process; efficiency gain; cybersecurity resilience; cybersecurity regulation; incident reporting; guidance note; control environment; cybersecurity posture; incident management; cybersecurity innovation; cybersecurity guidance note; cybersecurity guideline; Cyber risk; Central bank bills; Operational risk; Internal audit; Securities; Global
Cover IMF Staff Country Reports
Norway: Financial Sector Assessment Program-Technical Note-Cybersecurity Risk Supervision and Oversight
International Monetary Fund. Monetary and Capital Markets Department
The Norwegian financial system has a long history of incorporating new technology. Norway is at the forefront of digitization and has tight interdependencies within its financial system, making it particularly vulnerable to evolving cyber threats. Norway is increasingly a cashless society, with surveys and data collection suggesting that only 10 percent of point-of-sale and person-to-person transactions in 2019 were made using cash.1 Most payments made in Norway are digital (e.g., 475 card transactions per capita per annum)2 and there is an increase in new market entrants providing a broad range of services. Thus, good cybersecurity is a prerequisite for financial stability in Norway.
Keywords:
ISCR; CR; cybersecurity incident; cybersecurity risk; incident report; NSM cybersecurity principle; FSA plan; incident information; information sharing; risk management; cybersecurity risk supervision; oversight function; Cyber risk; Financial sector; Financial stability assessment; PFM information systems; Securities; Global
Cover IMF Working Papers
Cyber Risk Surveillance: A Case Study of Singapore
Joseph Goh, Mr. Heedon Kang, Zhi Xing Koh, Jin Way Lim, Cheng Wei Ng, Galen Sher, and Chris Yao
Cyber risk is an emerging source of systemic risk in the financial sector, and possibly a macro-critical risk too. It is therefore important to integrate it into financial sector surveillance. This paper offers a range of analytical approaches to assess and monitor cyber risk to the financial sector, including various approaches to stress testing. The paper illustrates these techniques by applying them to Singapore. As an advanced economy with a complex financial system and rapid adoption of fintech, Singapore serves as a good case study. We place our results in the context of recent cybersecurity developments in the public and private sectors, which can be a reference for surveillance work.
Keywords:
WP; third-party cyberattack scenario; IT environment; financial system; outsourcing relationship; cybersecurity strategy; cyber risk; financial innovation; financial institutions; systemic risk; stress test.; WannaCry ransomware attack; Stress testing; Financial sector risk; Insurance companies; Global