The extensive introduction of cutting-edge technologies to the Russian financial market brings new opportunities to both providers and consumers of financial services: speed, affordability and convenient access to various services are improving steadily. However, new technologies also bear new risks — cyber risks.
Cyber risks include:
- theft of funds of customers of financial institutions
- financial losses of market participants
- disruption of the reliability and continuity of financial services provision
- development of a systemic crisis due to cyber attacks that hit major institutions
In order to prevent such serious consequences from cyber risks, the Bank of Russia monitors the cyber resilience of financial institutions and notifies them of new possible types of attacks and the means to response to them.
In 2019, the Bank of Russia adopted its first policy document Guidelines for Financial Sector Information Security Development in
- the creation of risk profiles for financial institutions and the transition to risk-based supervision
- the introduction of requirements for the resilience and smooth operation of financial institutions in case of cyber risks materialisation
- requirements for data management security and the prevention of data leaks from financial institutions
- development of the cyber culture of the financial market