Cybersecurity is increasingly one of the most significant, and growing, risks for the financial industry, says Fitch Ratings in a report published on Tuesday.
“Cyber attacks are among the most unpredictable of operational and financial risks for financial institutions,” the Fitch report says. “The impact on institutions can range from electronic theft of data from accounts to serious reputational damage and/or disruption, resulting in loss of business.”
This unpredictability means that integrating cybersecurity into firms’ risk control infrastructure, frameworks and information technology (IT) budgets “are key to deterring and mitigating the impact of attacks,” the report says. “This is especially the case for larger financial institutions with significant consumer-facing activities, which are at greater risk of attack owing to their substantial customer data.”
The report also notes that the rising concern of regulators is highlighted by the recent publication an advanced notice of proposed rulemaking on standards for cyber risk management by U.S. financial regulators, which aims to address the possible systemic impact of cyber attacks.
Beyond the regulatory response, the industry is responding to the threat in multiple ways, the report says, including the creation of a joint working group on cybersecurity, and developing industry best practices.
The potential for cyber risks to “negatively affect operations, reputation and financial performance” indicates that it will continue to be an increasing focus for financial institutions and regulators in the years ahead, the report concludes.