Search

Get data fail, please try again

Author

    Article

      see more results
      Subscribe
      29 Aug 2017

      Fintech, cyber risk & solutions

      Kevin Nixon & James Nunn-Price
      Kevin Nixon & James Nunn-Price
      Partners, risk advisory at Deloitte

      The increasing inevitability of cyberattacks and data breaches in today’s digital economy is causing regulators in Asia-Pacific to worry about the risk to financial services of a systemic cyber event.

      These events pose a major threat in terms of service, confidence and capacity to keep the wheels of commerce in operation, so regulators are moving rapidly to strengthen their regulatory and supervisory capabilities.

      According to Deloitte's Cyber regulation in Asia Pacific report, cyber-attacks globally and within Asia Pacific have increased in frequency and sophistication, with the cost of cybercrime estimated around $US575 billion a year. Financial services organisations are a key target. 

      Click image to zoom Tap image to zoom

      Pinch to zoom

      Deloitte-cyber1.png

      We argue a multi-pronged but coordinated approach should be adopted - one focused on security, vigilance and resilience, supported by robust governance and guided by a clear strategy. This will best position financial institutions to be cyber strong and to stay ahead of regulatory expectations. 

      " A multi-pronged but coordinated approach should be adopted." Kevin Nixon & James Nunn-Price

      Targeted in APAC

      This is hardly surprising: the financial system relies on confidentiality of data, protection of deposits, and provision of critical services. The threat, given the frequency of cyber-attacks recently, is clear and present.

      Because financial institutions are becoming data-driven digital businesses as more financial services are delivered online cyber risk increases. Given the financial system is extensively interconnected and increasing ICT interdependence across borders if cyber risks and responses are not well managed the impact of a cyber event can quickly spread.

      That then drives regulators to consider appropriate standards and supervisory tools and actively urge firms to enhance their capabilities to address these emerging threats

      But it’s not just meeting regulatory demands which makes managing cyber risk important - robust security and risk management is essential for maintaining trust and enhancing a competitive edge to retain customers.

      Views from regulators 

      Click image to zoom Tap image to zoom

      Pinch to zoom

      Deloitte-cyber3.png

      Varied approach

      Although cyber threats cut across borders, regulatory approaches to cyber risk in Asia Pacific are varied and localised, with no significant steps yet taken towards harmonised standards across the region.

      Many financial institutions struggle to understand the regulatory differences at a country level or are aware of emerging threats so as to design coherent and robust cyber risk programs across jurisdictions.

      Another challenge for firms is the shortage of IT security specialists and cyber professionals, making it difficult to stay up to date with the pace of change in the cyber landscape.

      There can also be a lack of management recognition or understanding of the importance of cyber security, which may mean a failure to adopt a coordinated approach across functions.

      While different countries face different challenges, there are broad regulatory themes and approached common across the region underlying the clutter of difference laws, rules and standards.

      Framework

      Click image to zoom Tap image to zoom

      Pinch to zoom

      Deloitte-cyber2.png

      Cyber-attacks are inevitable. Regulators and organisations must accept this and turn their attention to building enterprise-wide programs to ensure they can adapt quickly and effectively to the constantly changing landscape. The ability to recover fast is critical.

      Beyond individual action, it is important for industry, regulators and governments to work together to further enhance cyber skills and expertise, to develop common standards and approaches, and to support information sharing.

      Coordinated responses to incidents and attacks, drawing on group knowledge and experience, is a key element to maintaining cyber resilience within the system as a whole and among its many participants.

      Click image to zoom Tap image to zoom

      Pinch to zoom

      deloitte-cyber4.png

      Kevin Nixon & James Nunn-Price are partners, risk advisory at Deloitte

      The views and opinions expressed in this communication are those of the author and may not necessarily state or reflect those of ANZ.

      Business Finance Fintech

      editor's picks

      Technology

      28 Jul 2017

      Real-time payment: busting the myths around PayID

      Kate Sutherland | bluenotes contributor

      New system supports easy-to-remember ID to safely direct or receive payments.
      Technology

      14 Jun 2017

      Trusted intermediaries: banks vs FANGs

      Andrew Cornell | Past Managing Editor, bluenotes

      Banking is essential to a modern economy but banks are not. Can FANGs fill the role?
      Technology

      05 May 2017

      RegTech: creating value, not disruption

      Chami Akmeemana | Executive director of regulatory solutions, ConsenSys

      Since the financial crisis in 2008 the speed of regulatory change has accelerated rapidly, consuming an increasing amount of time and resources. In 2014, the top six banks in the US spent over $US70 billion on emerging regulation.
      Business Finance

      18 May 2017

      Financial crime's dynamic duo: AUSTRAC & industry

      Guy Boyd | Head of Financial Crime, ANZ

      We speak to AUSTRAC CEO Paul Jevtovic on the relationship between regulators and the private industry.