Need proactive risk mitigation measures to tackle cyberattacks: RBI
Mumbai, May17, 2024
RBI deputy governor Swaminathan J said the potential impact of a cyberattack on a bank's operations, reputation, and financial stability cannot be "overstated", as he emphasised the need for proactive risk mitigation strategies.
Speaking at the Conference of Heads of Assurance of Urban Cooperative Banks here on Thursday, the deputy governor said that in the ever-changing landscape of banking, new risks constantly emerge. While traditional risks like credit, market and liquidity risks remain significant, new challenges like cybersecurity threats and operational disruptions have emerged.
The proliferation of digital technologies and the interconnected nature of financial systems have exposed banks to a myriad of cyber threats, ranging from data breaches to malicious ransomware attacks, he added.
"The potential impact of a successful cyberattack on a bank's operations, reputation, and financial stability cannot be overstated, underscoring the critical importance of robust cybersecurity measures and proactive risk mitigation strategies," the deputy governor added.
He further said the focus of regulation and supervision is shifting towards activity-based. Similar activities, having similar risks, need to have the same level of regulatory and supervisory oversight, albeit with an element of proportionality to factor in the scale and complexity of operations.
"Therefore, regulations for cooperative banks are becoming harmonised with that for commercial banks, but with certain calibrations wherever required," he noted.
''The expectations from Urban Cooperative Banks (UCBs), especially for corporate governance and the effectiveness of assurance functions, are much higher now. As some of our recent enforcement actions would have demonstrated, there is now zero tolerance for poor corporate governance practices such as loans to directors or their relatives," Swaminathan said.
The deputy governor added that assurance functions namely the risk management, internal audit and compliance functions play very crucial roles, as guardians ensuring the bank operates safely, ethically and within regulatory and legal boundaries.
Assurance functionaries by becoming effective gatekeepers can give the required comfort to all stakeholders that the bank is on the right track, its systems are strong, operations are reliable, and risks are managed effectively, he said.
"As conscience keepers of the bank, they are intended to detect and prevent any deviations or build-up of any potential risks, safeguard the reputation of the bank and help uphold the trust of its customers and other stakeholders," the RBI Deputy Governor said.
He also emphasised that one of the most important facets of effective assurance functions is independence.
There are regulations already in place that provide for adequate stature, direct lines of reporting and preventing dual hatting of assurance functionaries, Swaminathan said.
[Press Trust of India]