This week’s WannaCry ransomware attack was the latest in a long and growing list of incidents in which criminals have targeted computer systems to try to steal or extort money.
Banks are obvious targets. As perpetrators develop ever more sophisticated techniques to break through security systems, many financial institutions will find they can no longer withstand these kinds of attacks.
Banking regulators have hardly been blind to such fragilities.
Last month the joint committee of Europe’s supervisory authorities warned in its spring report that “cyber risk threatens data integrity and business continuity in an interconnected financial system”.
And later this year the European Banking Authority (EBA) will set out guidelines for identifying and measuring IT risk exposures within the banking sector as part of its supervisory review and evaluation process (SREP).
But regulators have yet to develop a strong enough approach to sharpening up digital security within the banking system.
Stress tests are a vital tool in this regard. They are one of the most important tools that regulators have to understand how banks can manage big shocks and still function healthily.
Central banks already turn to specific issues in an effort to sharpen up risk management procedures across the banking sector, including looking at misconduct risks and interest rate changes in a number of their scenarios.
The sooner supervisors use stress testing to examine banks’ vulnerability to cyber threats, the safer it will be for the global financial system.