Bank of England to push for enhanced operational resilience to cyber incidents at banks

Maria Nikolova

The Bank wants financial services firms to be able to demonstrate that they have concrete measures in place to deliver resilient services.

The Bank of England is setting the ground for new requirements concerning firms’ resilience to cyber incidents. This becomes clear from a speech given by Lyndon Nelson, Deputy CEO of the Bank of England’s Prudential Regulation Authority (PRA).

He concedes that there has been an increase in the number of operational incidents – be they caused by internal failures or from external attack. In terms of operational outages the financial sector in the UK has had RBS in 2012 which suffered a major outage in its Irish operations and more recently, of course, TSB. In between, there have been many short-term outages.

Given the circumstances, Lyndon Nelson underlined how important it is that regulators set out their expectations of firms in respect of their operational resilience. The Financial Policy Committee, for example, has been considering its tolerance for disruption to the key economic functions that the finance sector performs, he said. As part of this work, it is likely that the FPC will set a minimum level of service provision it expects for the delivery of key economic functions in the event of a severe but plausible operational disruption. The outlining of supervisory expectations may then be used as an input to guide firms’ actions in managing their own operational resilience.

Lyndon Nelson said he expects that these tolerances will use a combination of time, volume, market share and measures of interconnectedness.

“We have also been developing a suite of supervisory tools that can be used to assess firms’ resilience against our expectations and also inform the supervisory priorities we agree with firms”. Lyndon Nelson says.

He said the Bank was also trialling some other diagnostic tools.

Mr Nelson said the work will start with a Discussion Paper – joint with the Financial Conduct Authority. Although he would not elaborate on the details of the paper, he gave his perspective on these expectations.

“I would like our firms to be on a WAR footing: withstand; absorb; recover”, says Lyndon Nelson.

Firms will be expected to set their own tolerances for key business services. These tolerances will have to be in the form of clear metrics indicating when a disruption would represent a threat to a firm, to consumers or to financial stability. The Bank expects firms to test their tolerances and demonstrate to their supervisors that they have concrete measures in place to deliver resilient services.

In addition, firms will need to clearly define and regularly test their approaches to incident management. These should also include good communication plans both internally and externally.

And firms need to be able to recover from an operational incident. This requires viable, tested contingency plans for the resumption of critical functions.

Lyndon Nelson also made some remarks on the response to cyber incidents. The UK authorities have a response protocol called the Authorities Response Framework (ARF). It consists of the Treasury, FCA and the Bank. In cases of cyber events the National Cyber Security Centre is also a member. Any member can trigger the ARF and it has three response levels: monitor, engage and manage. A few years ago the ARF was rarely triggered, Nelson said, but more recently this has been increasing. This is partially due to the lowered barrier for triggering the mechanism but also because of the greater frequency of events.

Read this next

Digital Assets

Big Time Generates over $100M in Revenue since Preseason

Innovative game developer Big Time Studios announces that its highly anticipated free-to-play multiplayer action/MMO RPG Big Time, has generated $100M in revenue. According to the team, players transacted a total volume of over $230M, without selling a single token.

Digital Assets

Centralized exchanges are 10 times more popular than DEXs in Western Europe

Western European traders are found to prefer centralized exchanges over decentralized ones as CEX traffic outpaces DEXs by a factor of ten.

Market News

Stock Market Analysis: Is NVDA Losing Its Leadership?

Since the beginning of the week, the S&P 500 Index (US500) has seen a modest increase of about 0.58%, whereas NVDA’s share price has experienced a decline of approximately 3.8%. This recent divergence raises concerns among Nvidia stock investors — could it signify a loss of NVDA’s market leadership?

Industry News

ESG: Australian regulator wins first greenwashing court case against Vanguard

Vanguard admitted that a notable portion of the securities within both the Index and the Fund did not undergo the promised ESG scrutiny.

Fintech, Uncategorized

BitMEX integrates HALO from Solidus Labs for cross-market surveillance

“The recent approval of the Spot Bitcoin ETF has piqued the market’s interest. As a result of price volatility, the trading volumes for crypto derivatives have gone up substantially. HALO, with its advanced technology and crypto-native detection architecture, will enable BitMEX to smoothly and safely scale trade surveillance across its increased trading volumes and provide the necessary safeguards for new product launches.”

Reviews

IUX Broker Review

IUX, recently rebranded from IUX Markets, stands as a multi-asset Forex broker recognized for its regulatory compliance across various jurisdictions.

Industry News

Horizon Software rebrands to Horizon Trading Solutions

“Horizon Trading Solutions has seen accelerated global growth over the past year to meet the rising demand for our trading solutions and built-for-purpose technology offering. The choice to rebrand represents a key part of this development, while maintaining our heritage and history in the industry.”

Market News

USDJPY has surged to levels last witnessed in 2022. Should we consider opening a short position?

The recent resurgence of the US dollar has propelled USD/JPY to new heights, touching levels not seen since 2022. This surge comes against the backdrop of stable short-term yields and ongoing economic data that fails to signal a significant slowdown, prompting questions about the extent of current monetary easing measures.

Digital Assets

DED Trends on Twitter After Memecoin Snapshot Announcement

Polkadot-backed community coin #DED, made it to the trending charts on X, demonstrating community’s engagement and interest behind the memecoin. 

<