Market Overview

Central Bankers Are Expressing Concern About The Financial System's Preparedness For A Cyber Attack

Central Bankers Are Expressing Concern About The Financial System's Preparedness For A Cyber Attack

Technology executives are worried about cybersecurity, as are bank executives. Now, central banks are expressing concern as well.  

Multiple reports over the past few weeks suggest that the central bankers are beginning to step into the fray on the issue, and are considering ways that the financial system could better protect itself from data breaches like the one that occurred at Capital One Financial (NYSE: COF) earlier this year. 

In a speech on Nov. 21, Cleveland Federal Reserve President Loretta Mester reportedly said that banks and other financial firms should be stress-tested on their cybersecurity preparedness, according to Reuters. She also recommended that banks, regulators, and other government agencies be more open and transparent with each other with information regarding cybersecurity issues. 

"Such a test could help evaluate the financial system’s plans for data and core systems recovery and its reliance on third parties to implement that plan," she said.

The country’s largest banks are already stress-tested annually on their capital requirements as part of the Dodd-Frank Act. 

That same day, the Wall Street Journal reported that Richard Ashton, deputy general counsel for litigation, enforcement and system matters at the Federal Reserve, said at a conference that the Fed is considering increasing its supervision of technology firms that serve the banking industry. 

“How far the authority goes to conduct examinations, I think, is something we are closely looking at,” he said, according to The Journal. “Is it something that we can look at the governance structure at these third-party providers? Can we look at their overall compliance management program?”

Ashton specifically singled out cloud providers as an area where more oversight may be needed. As is the case with just about every major industry in the world, the U.S. banking industry (central banks included) has become increasingly reliant on third-party vendors like Inc (NASDAQ: AMZN) and Microsoft Corporation (NASDAQ: MSFT) for their cloud storage—though some have recently made moves to move onto their own cloud. 

Other central banks around the world have made recent comments on the issue as well. 

Filipe Denis, chief operating officer of The Bank Of Canada, said last month the central bank needs to update its cybersecurity regulations. Elsewhere, Nepal Rastra Bank, the central bank of Nepal, asked its financial institutions to implement stronger cybersecurity measures in the wake of a recent ATM hacking exposed flaws in the system.  

These comments all come in the wake of an incident at the European Central Bank in August in which the ECB had to shut down one of its websites after it was infected with malware.

“The time to define and share best practices is not after a data breach,” said Darren Conte, founder and CEO of, a secure document sharing and messaging platform. 

Conte is a former Goldman Sachs (NYSE: GS) executive who was the point person for crisis management and business continuity after the September 11 terrorist attacks. In that time, he saw many institutions scrambling to put better contingencies in place. 

“It was a wake-up call that forced Wall Street to come together to share tactics and be better prepared,” he said. “With today’s ever-changing technology landscape, it would seem appropriate for the Fed to reach out to the industry’s stakeholders to conduct cybersecurity stress tests and share best practices and standards so that everyone can do their part to protect the financial infrastructure we rely on.”


Related Articles (AMZN + COF)

View Comments and Join the Discussion!

Posted-In: Fintech Government News Regulations Legal Global Federal Reserve General