IT disruptions at a constant, high level

FI finds it serious that, to a great extent, it is the same companies that frequently have numerous disruptions. At companies with many disruptions, it is very likely that they will continue to have an unstable IT solution. The IT disruptions can reduce the confidence in the companies and impede efforts for more effective payments and a society that uses less cash.

No company in the investigation reports that it has been subject to hacking. The com-panies feel that they have sufficiently safe solutions to protect their IT environment against outside perpetrators. However, there is the remaining problem that customers are attacked and the perpetrators thereby access money in corporate accounts.

The financial protection for consumers using financial services via the Internet has currently not been resolved by law. The allocation of responsibility between companies and customers has been illustrated to some extent in the agreements between customers and companies. There is no legislation regulating where the customer's and the company's responsibilities respectively begin and end. In order to strengthen the consumer protection, FI feels that it is necessary to regulate the customer's and the com-pany's responsibilities respectively.

Finansinspektionen wrote to the government and called attention to the need for legislation in this area in conjunction with its report, "Criminal attacks on internet banking" (2007:10).
In its supervision during 2009, Finansinspektionen is going to follow up on disruption frequency and hacking risks.