The high and ever-growing dependency on and interconnectivity of information and communication technologies give rise to pronounced vulnerabilities among Swiss financial institutions. For example, outages of and disruptions to IT systems, particularly those resulting from cyberattacks, can jeopardise the availability of critical services and functions. Depending on the nature of the cyberattack in question, this can have repercussions for individual financial institutions and threaten the functioning of the Swiss financial centre as a whole.
The number and intensity of cyberattacks are growing strongly. For example, there is evidence of an ongoing rise in cybercrime in the area of malware and increased espionage activity. In addition, cyber sabotage of critical infrastructure and the publication of stolen information represent potentially pernicious offshoots of these activities. Furthermore, the parties behind these attacks are becoming evermore professional, as well as increasingly well organised. This makes it all the more important to combat and prevent such activities.
A successful cyberattack can have serious consequences for the functioning of the Swiss financial centre. For example, a cyberattack may result in banks being unable to provide financial services promptly – or indeed at all. When it comes to the functioning of financial markets, institutions that provide integrated or interlinked services are particularly important, e.g. financial market infrastructures, critical service providers of key IT systems for the financial centre, and systematically important financial institutions. A successful attack on an institution of this kind could prove damaging both to other financial institutions and the Swiss economy as a whole. The reputational damage would be significant, and confidence in the Swiss financial centre would be affected.
On cyber risks, FINMA has kept its regulatory requirements for banks short and concise, built up its expertise on cyber issues and communicated its expectations for addressing such risks to the supervised institutions. It subsequently intensified its supervision of cyber risks. The results of this supervisory activity have shown that the banks have improved the way they deal with cyber risks over the last few years. The issue remains of critical importance, however, and there is still room for improvement. FINMA will therefore focus above all on improvements to the crisis management toolkits of supervised financial institutions and their stakeholder groups. In addition, FINMA will continue to analyse the general threat situation on an ongoing basis. Furthermore, FINMA is monitoring recent incidents of serious cyberattacks closely with a view to obtaining information that may be generally applicable to such incidents. FINMA will also provide an active input to the cross-institutional supervisory coordination platform3 for combating cyberattacks.
(From the Risk monitor 2019)