Last week, the Financial Stability Board (“FSB”) released the results of its stocktake on existing regulations and supervisory practices in G20 jurisdictions with respect to cybersecurity in the financial sector. The FSB is an international body that coordinates the work of national financial authorities and international standard-setting bodies, and the stocktake — essentially a survey — was requested by the G20 Finance Ministers and Central Bank Governors in March 2017.
The results of the stocktake underscore the growing international emphasis on cybersecurity and the interplay of varied regulatory and supervisory schemes. The 25 surveyed jurisdictions identified 56 schemes of regulation and guidance targeted to cybersecurity and/or IT risk, with some jurisdictions reporting as many as 10 such schemes. With respect to supervisory practices, 35 schemes were reported.
It is also clear from the stocktake that cybersecurity is a dynamic and quickly evolving area. Eighteen of the surveyed jurisdictions (Argentina, Australia, Brazil, China, the E.U., France, Germany, Hong Kong, India, Italy, Mexico, the Netherlands, Russia, Saudi Arabia, Singapore, South Africa, Spain, and the United States) reported that they plan to issue new regulations, guidance, or supervisory practices that address cybersecurity for the financial sector within the next year.
At the same time, however, the FSB found some level of convergence among the different jurisdictions. According to the FSB, all of the surveyed jurisdiction draw upon a small body of guidance in developing their cybersecurity regulatory and supervisory schemes, and many schemes share common elements:
Common Elements Covered by Regulatory Schemes | Common Topics Covered by Supervisory Practices Schemes |
|
|
The full report, including summaries of each jurisdiction’s responses to the survey, is available here.
A summary report, which also includes findings from a Workshop on Cybersecurity that brought together public and private sector participants to discuss cybersecurity in the financial sector, is available here.