The International Monetary Fund (IMF), via a recent blog post, revealed that the global financial sector has recorded $12 billion in losses to cyberattacks over the past two decades.
Attacks on financial firms account for nearly one-fifth of the total, of which banks are the most exposed. The IMF adds that cyberattacks have more than doubled since the pandemic. Given the large amount of sensitive data and transactions that financial institutions handle, they have become prime targets for criminals to hack their systems and steal money.
Incidents in the financial sector according to the IMF, could threaten financial and economic stability if they erode confidence in the financial system, disrupt critical services, or cause spillovers to other institutions. The fund cited an example of a severe incident at a financial institution that could undermine trust and, in extreme cases, lead to market selloffs or runs on banks.
Tekedia Mini-MBA edition 16 (Feb 10 – May 3, 2025) opens registrations; register today for early bird discounts.
Tekedia AI in Business Masterclass opens registrations here.
Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.
Although no significant “cyber runs” have occurred in recent times, the IMF in its analysis disclosed that modest and somewhat persistent deposit outflows have occurred at smaller US banks after a cyberattack.
With the increasing rate of financial firms relying on third-party IT service providers, and artificial intelligence, it has no doubt improved operational resilience but has been found to make these institutions exposed to heightened risk of cyberattacks. For example, a 2023 ransomware attack on a cloud IT service provider caused simultaneous outages at 60 US credit unions.
The IMF report on the amount suffered by financial institutions is coming after it had earlier revealed that 56% of Central Banks of 51 countries do not have a national strategy to prevent cyber attacks.
This finding highlights a significant vulnerability within the global financial system, as cyber threats continue to escalate in frequency and sophistication. The International Financial Institution disclosed that 42 percent lack a dedicated cybersecurity or technology risk management regulation, and 68 percent lack a specialized risk unit as part of their supervision department.
With the global financial system facing significant and growing cyber risks from increasing digitalization and geopolitical tensions, the IMF posits that policies and governance frameworks at firms must keep pace.
It further highlighetd five crucial steps Financial institutions and regulators need to prioritize to prepare for heightened cyber threats and potential successful breaches.
These includes;
1.) Central banks, regulators, and financial firms must develop a cybersecurity strategy,
2.) Financial firms must strengthen cyber “hygiene,” secure-by-design systems, and response and recovery strategies.
3.) Financial supervisors need to ensure that cyber regulation and supervision can effectively promote resilience.
4.) Financial regulators and firms need to shift their focus from classic business continuity and disaster recovery planning to delivering critical services even when attacks disrupt normal operations.
5.) The international community must harmonize cyber incident reporting and effective information sharing to ensure authorities around the world can manage incidents effectively.
The Fund further urged for stronger regulatory frameworks, and enhanced collaboration amongst others, stressing that addressing cybersecurity is not just a technical issue but a fundamental component of financial stability.