The Committee on Payments and Market Infrastructures (CPMI) and the International Organization of Securities Commissions (IOSCO) have published a final report, Guidance on cyber resilience for financial market infrastructures (the Guidance).
The Guidance is intended to help financial market infrastructures (FMIs) to enhance their cyber resilience. In particular, it provides supplemental guidance to the CPMI-IOSCO Principles for Financial Market Infrastructures (PFMI) primarily in the context of governance (Principle 2), the framework for the comprehensive management of risks (Principle 3), settlement finality (Principle 8), operational risk (Principle 17) and FMI links (Principle 20). The Guidance is not, however, intended to impose additional standards on FMIs beyond those set out in the PFMI, but instead provides supplemental detail related to the preparations and measures that FMIs should undertake to enhance their cyber resilience capabilities with the objective of limiting the escalating risks that cyber threats pose to financial stability.
“This is a landmark report for the financial industry. FMIs have come to the fore as financial sector hubs at a time when cyber resilience is a key priority for the financial industry. This is indeed a timely document, and FMIs should take action immediately to implement its recommendations,” said Benoît Coeuré, Chairman of the CPMI.