Europe’s financial supervisory authorities have advised against the introduction of a coherent cyber resilience testing framework for the continent’s market participants and infrastructures – at least in the short term, according to finextra.com.
The European Supervisory Authorities – the EBA, EIOPA and Esma – were asked by the European Commission to weigh in on the costs and benefits of such a framework as part of the EC Fintech Action Plan.
In their advice, the ESAs say that there are „clear benefits” to such a framework but there are „significant differences” across and within financial sectors when it comes to the maturity of cybersecurity, meaning that a one-size-fits-all approach is difficult in the short term.
Instead, the ESAs suggest focusing on a minimum level of cyber-resilience across sectors that is „proportionate to the needs and characteristics of the relevant entities”.
The advice does suggest a voluntary EU-wide testing framework, together with other relevant authorities taking into account existing initiatives.
The EC also asked the ESAs to provide advice on the need for legislative improvements relating to ICT risk management requirements.
Here, the advice calls for the streamlining of aspects of the incident reporting frameworks across the financial sector and also suggests a legislative approach to helping monitor the activities of critical third party service providers.
While welcoming many aspects of the advice, Lorraine Johnston, regulatory counsel at law firm Ashurst, highlights one „glaring” omission: the lack of advice relating to board governance of ICT and cyber resilience.
Says Johnston: „Until ICT and cyber security sit squarely as a board level responsibility, some of these issues will remain to be seen as ‘IT helpdesk’ problems.”
Banking 4.0 – „how was the experience for you”
„So many people are coming here to Bucharest, people that I see and interact on linkedin and now I get the change to meet them in person. It was like being to the Football World Cup but this was the World Cup on linkedin in payments and open banking.”
Many more interesting quotes in the video below: