Banks must now report to authorities any cyberhacking incidents or disruptions to technology-based financial services they provide clients within two hours of their discovery, the central bank said on Friday.
In a statement, the Bangko Sentral ng Pilipinas (BSP) said that these new regulations – significantly tighter than the 10-day reporting window previously allowed for such events – are being put in place “in response to the increasingly persistent, sophisticated and targeted attacks launched against financial institutions.”
“Prompt reporting of these incidents by supervised financial institutions will allow the Bangko Sentral to have an enhanced visibility on the changing information technology risk landscape and to proactively ensure that their impact and resulting risks are minimized and contained to avert potential systemic risks to the financial system,” it said.
Banking industry insiders have noted that local financial institutions have been experiencing more cyberhacking attempts in recent years, from suspected large scale attempts to compromise bank computers to small scale “phishing” activities perpetrated on unsuspecting clients.
BUSINESS
BUSINESS
BUSINESS
Some large local banks have also experienced disruptions in their ATM network services, some lasting as long as four days, causing inconveniences to thousands of clients.
The tighter regulations in response to these issues were approved by the Monetary Board recently to cover “cyber-related incidents and operational disruptions.”
