

Authored by: Haydn Lightfoot, Sr. Director of Business Consultancy

James Ellis, Sr. Consultant of Business Consultancy

If financial institutions were not considering cybersecurity a priority, the attack on the Bangladesh central bank in February 2016 made it one. Hackers managed to steal over $100m, of which only a small proportion was later recovered. Later in the year, Tesco Bank saw £2.5m drained from around 9,000 customer accounts when criminals broke into its systems. Losses do not come only from fraudulent transactions: in May 2017 the WannaCry attack crippled a vast number of computers, including National Health Service systems across the UK, and in September Equifax saw the personal information of 143 million Americans stolen. The combined costs of companies being forced offline for extended periods of time, data recovery and ransom payments, and ultimately reputational damage, are incalculable. Whilst the risk may be incalculable, that does not mean that it cannot be managed and controlled.

For banks in particular, it is not a challenge to be faced alone. Regulators have provided guidelines, such as the Federal Financial Institutions Examination Council (FFIEC) IT Examination Handbook, that help to protect against cyber-attacks, but by the same token regulators expect regulated entities to take steps to implement all their requirements.

