The paper aims to draw attention to the cyber security risks to which the financial industry is exposed, which have recently started to raise increased concern among European and international authorities in terms of proper prevention, identification, assessment and management. The issue is of utmost importance, all the more so because the financial landscape is continuously changing to keep pace with the technological innovations applied to banking activity, digitization, and the large-scale use of internet banking/mobile banking. Cyber security risks are included in the broader framework of IT fraud; neglecting their careful monitoring would trigger serious financial and reputational implications for the financial industry. The paper synthesizes the guidelines and reports recently published by the International Monetary Fund, World Bank, Bank of International Settlements, European Central Bank, European Commission, big-four audit companies as well as research centres, to illustrate their response to the digital environment trend and the cyber security challenge. It then reviews the main typologies of threats included in cyber security risk, graphically depicts the perceived exposure to cyber risks in comparison with other categories of risk, distinguishes between key risks and emerging risks, and discusses the risk management responsibilities to be assigned to the bank’s board, operational management, the risk/internal control/compliance oversight function and the internal audit function (also known as the three lines of defence).
Keywords: IT fraud, Digitization, Cyber risk, Banking, Risk management