Cyber risk is consistently ranked amongst the top risks to the Australian financial system. Cyber-attacks are increasing in frequency, sophistication and impact, with perpetrators continuously refining their efforts to compromise systems, networks and information world-wide. Consequently, the regulators have been considering measures to increase the resilience of the financial sector to a material cyber incident, including by issuing new standards and guidance. However, continued attention is required in this area.
At the September 2019 meeting, the Council of Financial Regulators (CFR) reviewed initiatives focussed on cyber security and CFR agencies would like to draw attention to two key initiatives below.
2020 Cyber Security Strategy
The Australian Government is developing the nation's 2020 Cyber Security Strategy. The new Strategy will build on Australia's 2016 Cyber Security Strategy to position Australia to meet the rapidly evolving cyber threat environment. The Government has been seeking the views of relevant stakeholders, including the banking and financial services industry. The CFR agencies encourage all financial institutions to consider this Strategy and how it applies to their organisation. Further details are available on the Government's website.
CPMI Endpoint Security Strategy
A safe, reliable, secure and efficient wholesale payments system, which supports financial institutions and financial market infrastructures, is essential to a well-functioning financial system. The Bank for International Settlements' Committee on Payments and Market Infrastructures (CPMI) has developed a strategy to reduce the risk of wholesale payments fraud by enhancing endpoint security, with the broader objective of supporting financial stability. The CFR agencies encourage all financial institutions to read the report and consider its application to the security of their wholesale payment systems.
The CPMI strategy, Reducing the risk of wholesale payments fraud related to endpoint security, is designed to address all areas relevant to preventing, detecting, responding to, and communicating about, payments fraud. Each CPMI member central bank has committed to promote the strategy in its jurisdiction. Accordingly, the Reserve Bank, in collaboration with the other CFR member agencies, will continue efforts to advance the security and resilience of the wholesale payments system in Australia, including through the CPMI strategy.