Menu
Reserve Bank targets cyber resilience for the financial services sector

Reserve Bank targets cyber resilience for the financial services sector

Attacks earlier this year highlighted the need for increased vigilence

Geoff Bascand (Reserve Bank of NZ)

Geoff Bascand (Reserve Bank of NZ)

Credit: Supplied

The Reserve Bank – Te Pūtea Matua – today released draft guidance on what regulated entities should consider when managing cyber resilience.

In light of rising cyber risk and growing clarity on a suitable role for financial sector regulators, the Reserve Bank first outlined its intention to become more proactive in promoting cyber resilience in New Zealand’s financial sector in a November 2019 financial stability report.

That report announced an evolution in the Reserve Bank's policy stance towards taking more interest in improving the cyber resilience of the financial sector in New Zealand. 

A spate of cyber attacks across New Zealand earlier this year was a reminder of the disruption that they can cause, and showed the importance of taking an increasing proactive role in improving the cyber resilience of New Zealand’s financial sector, deputy governor and general manager of financial stability Geoff Bascand said.

The New Zealand Stock Exchange (NZX) in particular suffered significant disruption from a massive denial of service attack.

The cyber world has long been recognised as a significant source of operational risk for financial institutions, he said.

The draft guidance, which is open for feedback, outlines the Reserve Bank’s expectations around cyber resilience, drawing heavily from leading international and national cybersecurity standards and guidelines.

“As cyber risk continues to rise, there is growing awareness that cyber incidents could present risks to the stability of the entire financial system," Bascand said. 

"Improving cyber resilience has become a key priority for prudential regulators around the world."

The consultation document presents draft cyber risk management guidance which would apply to all entities the Reserve Bank regulates. 

This includes registered banks, licensed non-bank deposit takers, licensed insurers and designated financial market infrastructures. 

The principle of proportionality applies throughout this guidance. 

"This guidance should be employed in a manner proportionate to the size, structure and operational environment of an entity, as well as the nature, scope, complexity and risk profile of its products and services," it says. 

"This guidance provides the baseline-level of cyber resilience recommendations for entities and, where necessary, also provides recommendations for enhanced-level practices."

The consultation paper seeks feedback on how information gathering and sharing by the Reserve Bank with relevant public sector bodies can help to build cyber resilience.

“We are open to feedback on the guidance, but we expect it will be useful for firms as they develop their own frameworks to address the cyber risks they face," Bascand said.

The proposed guidance and the bank's information collection plans have been designed to complement the work of other government agencies with a direct interest in promoting cyber resilience in the financial sector – including the Financial Markets Authority, the National Cyber Security Centre and the Computer Emergency Response Team.

The consultation is open for 14 weeks and closes on 29 January 2021 with the final guidance to be released next year.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags Financial Servicescyber secuityReserve Bank

Featured

Slideshows

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards

The leading female front runners of the New Zealand ICT industry joined together for the annual Reseller News Women in ICT Awards event at the Hilton in Auckland, during which hundreds of guests celebrated 13 outstanding individuals who won awards, chosen from more than 50 finalists representing over 30 organisations.

Leading female front runners honoured at the 2020 Reseller News Women in ICT Awards
Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners

More than 500 channel leaders gathered in Auckland on 21 October at the ​Reseller News Innovation Awards ​2020 to celebrate the achievements of the New Zealand technology industry's top partners, start-ups, vendors, distributors and individuals.

Channel gathers to celebrate the Reseller News Innovation Awards 2020 winners
Show Comments