In its yearly industry risk assessment, titled Sector Views published last week, the Financial Conduct Authority (FCA) revealed a 7 per cent rise in the number of technology outages and cyberattacks across the financial district of London (known as the ‘City’) in 2019 from the previous year.
Asset managers and traders flagged increasing numbers of IT failures and cyberattacks to the UK’s financial regulator last year, prompting the FCA to add it to its list of big risks that could harm the industry and its customers in 2020.
“Firms may not be testing changes to their systems before implementing them, and may not be investing enough in cyber security and technology, increasing the likelihood of failures”, the FCA wrote in its report. Companies in wholesale financial markets, such as investment banks and stock exchanges, reported 118 “technology incidents” in 2019, up from 94 the year before, the regulator said.
CEO at Hiscox Cyber, Gareth Wharton said: “Where hackers formerly focused on larger companies, small and medium-sized firms now look equally vulnerable.” Small firms are hit with about 10,000 cyberattacks a day according to a survey last year. The latest research revealed by Federation of Small Businesses (FSB) noted that more than 7 million individual cyberattacks were reported in the two years, equivalent to 9,741 attacks a day.
It costs small companies £4.5bn annually to tackle them, with each individual attack costing an estimated £1,300.
The survey showed more than 1m small firms suffer from phishing, malware, fraudulent payment requests and ransomware. An absence of network security measures is responsible to small businesses vulnerable to cyberattacks. Around 35 per cent of the firms have not had security software in the past two years and more than half do not have a strict password policy.
Data from cybersecurity firm Malwarebytes showed cyber criminals are increasingly focusing on businesses. The research revealed ransomware attacks have gained rapid momentum among business targets. FSB policy and advocacy chair, Martin McTague, said: “More small firms are waking up to the threat of cybercrime. It’s a threat that’s evolving rapidly, but too many small businesses still lack access to the resources and budgets needed to contain it.”
Banks and financial institutions are heavily targeted by cybercriminals, with the threat of cyber-enabled financial crime remaining “high”, the report said. The FCA highlighted UK government figures showing that money laundering costs the country an estimated £37bn every year. In the asset management sector, companies reported 26 technology failures to the regulator in 2019, more than three times 2018’s total.
The FCA highlighted several causes for these problems, including large-scale IT overhauls in the banking sector to cope with Brexit and the phase-out of the discredited Libor benchmark, and the expansion of artificial intelligence and algorithmic trading – which now accounts for a “significant amount of wholesale market liquidity.”
“Technology substituting for human decision-making has inherent risks,” the report said. These include the increased chances of flash-crashes due to faster trading speeds and a rise in “herd behaviour” among fund managers.
Last May, the Bank of England admitted for the first time that the central bank was subject to persistent “advanced and evolving cyber threats which call for extreme vigilance”.
Although innovative systems and hardware updates have clear advantages, such as a reduction in compliance costs and the simplification of risk management, the regulator said “firms need to do significantly more work to protect themselves from online threats to their business.”
The watchdog noted the rise in incidents could also be linked to an improvement in reporting and awareness of cyber threats and IT failures.
“We are committed to reducing harm in the markets we regulate. Our analysis of markets ensures that we do this effectively, helping us to decide where to focus our attention,” said Christopher Woolard, the regulator’s interim chief executive. He added: “We expect firms to be similarly focused on preventing harm and we will continue to actively supervise all firms to ensure they achieve this.”
The City-wide report, which also reviewed the potential threats posed to pension savings, insurers, and retail investment, highlighted that financial scams remained a significant risk for customers, with investment cons becoming more sophisticated.
The news came as Andrew Bailey, the FCA’s outgoing chief executive, admitted the watchdog is powerless to prevent scammers from posting misleading investment advertisements on Google.
(The writer is our foreign correspondent based in the UK. He can be reached at andyjalil@aol.com)
Oman Observer is now on the WhatsApp channel. Click here
