Get 40% Off
🤯 This Tech Portfolio is up 29% YTD! Join Now to Get April’s Top PicksGet The Picks – Just 99 USD

UK banks might become test bed in fight against cyber attacks

Published 26/09/2017, 20:04
Updated 26/09/2017, 20:10
© Reuters. Sam Woods head of Britain's Prudential Regulation Authority poses for a portrait in his office in London

© Reuters. Sam Woods head of Britain's Prudential Regulation Authority poses for a portrait in his office in London

By Huw Jones, Andrew MacAskill and Rachel Armstrong

LONDON (Reuters) - Britain's banks may have to comply with the world's first set of rules for coping with cyber attacks and other outages, Bank of England Deputy Governor Sam Woods said on Tuesday.

The theft of 2.5 million pounds from 9,000 customers of Tesco Bank (L:TSCO) last November rang alarm bells for regulators and put cyber security high up on their priority list.

Woods said a landmark case like that of Tesco Bank, where money was actually stolen from customers accounts, it is important to ensure the bank has enough capital to safeguard customers - but this was not enough.

While UK banks like HSBC (L:HSBA), Barclays (L:BARC), Lloyds (L:LLOY) and RBS (L:RBS) have had to undergo specific cyber resilience tests set by the BoE, Woods thinks that more needs to be done as the number of serious cyber attacks on financial firms rises.

The regulators' "emergency" response system has been triggered six times in the past 12 months alone, Woods told the Reuters Financial Regulation Summit.

New, so-called "operational resilience" rules would spell out what systems at a firm underpin critical services, and the "tolerance" level for an outage before regulatory intervention.

"We need to ask ourselves, because no IT system is absolutely perfect, what is the degree of outage that is acceptable," Woods said.

He foresees three levels of "tolerance", the lowest for activities regulated by the Financial Conduct Authority, whose core aim is to protect consumers.

A second layer would be monitored by the BoE's Prudential (LON:PRU) Regulation Authority, which Woods heads, and looks at whether the solvency of the firm being hacked remained robust enough.

A third layer would be set by the BoE's Financial Policy Committee, which monitors threats to wider financial stability.

"At the moment nowhere in the world has anyone articulated a view on that stuff, and we are going to attempt to do so," Woods said.

"It is extremely challenging, but I think we need to build that or we don’t have a solid basis to deal with this stuff."

Woods expects the issue to be discussed at the FPC and PRA by the end of this year or early in 2018, depending on how the initial thinking develops.

"The reason I am cautious is because this is really an entirely new field of work. It is a greenfield site in regulatory terms," Woods said.

"So as we go through it, I think it is possible we have to have several runs at it to get it right because we don’t want to agree something, impose something and then decide that it was really down the wrong track."

© Reuters. Sam Woods head of Britain's Prudential Regulation Authority poses for a portrait in his office in London

Reuters Summits on Twitter @Reuters_Summits

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.