Asia-Pacific financial services key target for cybercrime
Regulators across the Asia-Pacific have increasing concerns that global cybercrime threats will continue to be most prevalent within the financial services sector, which remains largely unprotected thanks to overtly localised regulation, according to Deloitte.
In the Deloitte ‘Cyber regulation in Asia-Pacific’ report, the audit giant linked the inevitability of cyberattacks with regulator feedback on the position of the financial services sector as a key target area due to lack of coordination between nations on governance and protection.
“As financial institutions become more data-driven digital businesses and more financial services are delivered online, cyber risks are increasing,” said Deloitte global and Asia-Pacific leader, centre for regulatory strategy, Kevin Nixon.
“If these cyber risks and responses are not well managed, they could threaten the stability of the financial system.”
The report said regulatory approaches across the region remained varied and overly localised, leaving room for data breaches and various cyber crimes in the digital economy.
“There are no significant steps yet taken towards harmonised standards across the region,” Nixon said.
“Financial institutions struggle to understand the regulatory differences at a country level or be aware of emerging threats so as to design cyber risk programs that are coherent and robust across jurisdictions.”
In response to risks, the report said regulators across the Asia-Pacific would need to specifically consider the upgrade of supervisory tools and broader legislative standards.
“Only those financial institutions with robust cyber security and cyber risk management will be able to maintain trust and enhance their competitive edge to retain customers,” Nixon said.
"The financial system relies on confidentiality of data, protection of deposits, and provision of critical services [and] all of this has come under threat given the increase recently in the frequency of cyber-attacks.”
Deloitte Asia-Pacific cyber risk leader, James Nunn-Price said enterprise-wide programs built to be agile and versatile would be needed to ensure the sector could recover swiftly from a cyber attack.
“Strategies that enhance security will enable organisations to stay vigilant for emerging threats, and ensure a flow of insights through to the cyber ecosystem and attract senior support and oversight, will be the ones that best position financial institutions to stay ahead of regulatory expectations,” he said.
Beyond that, the report said industry leaders and regulators would need to harness the consistency across governance and response present in the various nations of the Asia-Pacific to support and share learning information and facilitate region-coordinated responses.
Recommended for you
Financial Services Minister Stephen Jones has shared further details on the second tranche of the Delivering Better Financial Outcomes reforms including modernising best interests duty and reforming Statements of Advice.
The Federal Court has found a company director guilty of operating unregistered managed investment schemes and carrying on a financial services business without holding an AFSL.
The Governance Institute has said ASIC’s governance arrangements are no longer “fit for purpose” in a time when financial markets are quickly innovating and cyber crime becomes a threat.
Compliance professionals working in financial services are facing burnout risk as higher workloads, coupled with the ever-changing regulation, place notable strain on staff.