The International Monetary Fund (IMF) has said that cybersecurity policy frameworks, especially in emerging markets and developing economies, often remain insufficient.

This was part of the IMF survey of central banks and supervisory authorities, as published in a blog titled ‘Rising Cyber Threats Pose Serious Concerns for Financial Stability’ by Fabio Natalucci, Mahvash S. Qureshi, Felix Suntheim.

Read also: Banks chief audit executives seek lenders collaboration on cybersecurity

“For example, only about half of countries surveyed had a national, financial sector-focused cybersecurity strategy or dedicated cybersecurity regulations,” the IMF said in a new blog post.

According to the IMF, cyberattacks have more than doubled since the pandemic. While companies have historically suffered relatively modest direct losses from cyberattacks, some have experienced a much heavier toll.

“As we show in a chapter of the April 2024 Global Financial Stability report, the risk of extreme losses from cyber incidents is increasing. Such losses could potentially cause funding problems for companies and even jeopardize their solvency. The size of these extreme losses has more than quadrupled since 2017 to $2.5 billion. And indirect losses like reputational damage or security upgrades are substantially higher.”

The financial sector is uniquely exposed to cyber risk. Financial firms—given the large amounts of sensitive data and transactions they handle—are often targeted by criminals seeking to steal money or disrupt economic activity. Attacks on financial firms account for nearly one-fifth of the total, of which banks are the most exposed.

To strengthen resilience in the financial sector, the Washington based IMF said authorities should develop an adequate national cybersecurity strategy accompanied by effective regulation and supervisory capacity.

Related News

According to the Fund, the strategy should encompass periodically assessing the cybersecurity landscape and identifying potential systemic risks from interconnectedness and concentrations, including from third-party service providers. Encouraging cyber “maturity” among financial sector firms, including board-level access to cybersecurity expertise, as supported by the chapter’s analysis which suggests that better cyber-related governance may reduce cyber risk.

It should also include improving cyber hygiene of firms—that is, their online security and system health (such as antimalware and multifactor authentication)—and training and awareness, prioritizing data reporting and collection of cyber incidents, and sharing information among financial sector participants to enhance their collective preparedness.

Read also: Kaspersky predicts shifts in industrial cybersecurity practices in 2024

As attacks often emanate from outside a financial firm’s home country and proceeds can be routed across borders, international cooperation is imperative to address cyber risk successfully.

According to the report, incidence in the financial sector could threaten financial and economic stability if they erode confidence in the financial system, disrupt critical services, or cause spillovers to other institutions.

For example, a severe incident at a financial institution could undermine trust and, in extreme cases, lead to market sell offs or runs on banks. “Although no significant “cyber runs” have occurred thus far, our analysis suggests modest and somewhat persistent deposit outflows have occurred at smaller US banks after a cyberattack.”

Cyber incidents that disrupt critical services like payment networks could also severely affect economic activity.

Hope Moses-Ashike is an Associate Editor, Banking and Finance, with more than a decade of experience reporting on Nigeria’s financial system and broader economy. She closely tracks market movements, monetary policy decisions, company disclosures, regulatory actions, economic indicators, and global developments, and interprets what they mean for businesses, investors, policymakers, and households. Her reporting helps readers understand complex issues such as inflation trends, foreign exchange market dynamics, interest rate decisions, bank performance, and investment risks. She also covers major international events and periodically travels to Washington, D.C., to report on the World Bank/IMF Spring and Annual Meetings. Her dedication to financial journalism has earned her multiple recognitions and invitations to high-level professional development programmes. She is an alumna of the International Visitors Leadership Programme (IVLP) in the United States and holds an Advanced Financial Journalism Certificate from the Press Association Training in London, UK. Her other notable achievements include completing the Lagos Business School CMC Programme, the Bloomberg Media Africa Initiative Programme, and a Master Class in Journalism at Rhodes University in South Africa.

Join BusinessDay whatsapp Channel, to stay up to date

Open In Whatsapp