Several banks are working to develop and enhance their information and cyber security. Some have not yet fully adapted their work to the changed conditions introduced by increased digitalisation and an increased level of cyber threats. FI expects that the banks will continue to focus on developing their information- and cyber security abilities, and keep managing and monitoring their information and cyber risks.
Financial stability, both nationally and globally, is dependent on functional financial infrastructure and banks that support and provide critical functions in the financial sector. Today, the operations of financial firms are based entirely on IT systems. Over the years, many IT systems have become more complex and interconnected, both internally and externally, in part through integration with other participants on the financial market but also through outsourcing of operations to third-party suppliers.
This change is occurring at the same time as the number of groups with resources and ability to carry out advanced IT attacks is increasing, both in Sweden and internationally. It is under these constantly changing conditions, the banks need to manage information and cyber risks.
This report presents FI's conclusions from the supervision activities performed during the past few years and how these conclusions relate to the ongoing transformation of the financial market. The banks' work with information and cyber security will continue to be a prioritised area within FI's supervision. FI will continuously follow up on observed deficiencies and continue to perform supervisory activities and investigations in this area.
The report is currently available in Swedish (click "Swedish" in the bar above) but will be translated into English.