Financial firms face significant risk from cyberattacks

Financial services firms that provide retail lending and deposit services are likely facing the greatest risk from financially motivated cyberattacks, according to a new report from Fitch Ratings Inc.

The credit-rating agency finds that cyberattacks are “an increasingly significant risk” for financial services institutions, potentially posing negative financial and operational consequences for both individual issuers and financial systems.

“We believe that institutions with substantial consumer lending businesses and deposit franchises are most at risk of financially motivated attacks due to the scope for theft from customer accounts and the large volume of personal data they hold,” the Fitch report says.

Attacks aimed primarily as disrupting the financial system are more likely to target institutions that provide trade execution, clearing and settlement services “due to their interconnectivity with the financial system,” the report finds.

Some of these risks are mitigated at larger institutions, which “typically have stronger risk controls and regulatory oversight,” the Fitch report notes, adding that “regulators have been increasingly vocal on cybersecurity and have urged cyber-attack stress testing.”

The report also finds that the use of cyber insurance is on the rise. Fitch estimates that the U.S. property and casualty industry wrote more than US$1 billion in cyber-related insurance premiums in 2015 and it expects these levels to grow in the years ahead.

“Insurance against cyberattacks may cover nominal losses but may not contain reputational damage that could lead to client outflows or loss of investor confidence,” the report notes.

Photo copyright: leowolfert/123RF