Participants pose for a group photo at the Member Training on Cybersecurity for Financial Inclusion

Cybersecurity focus of first BNM-AFI member training in 2020

In an increasingly interconnected world, regulators and financial regulators must remain proactive and vigilant against cybersecurity risks, AFI Deputy Executive Director Norbert Mumba said as he kicked off this year’s first batch of member trainings on 17 February.

Underscoring the importance of the four-day capacity building event, which is being co-hosted by Bank Negara Malaysia (BNM), Mumba noted that even a “small mistake” in securing data could be extremely damaging to both companies and individuals.

“The growth of data networks, mobile financial services and electronic commercial platform applications has invariably led to growth of cyber exploitation and cybercrimes,” he said at the opening of Member Training on Cybersecurity for Financial Inclusion.

“It is therefore key for us to be resilient against such attacks to protect data from theft and manipulation.”

Echoing this sentiment was Daniel Chin Shen Li, Director of Risk Specialist and Technology Supervision Department at BNM, who, in his opening speech, described cybersecurity as the “challenge of our time”.

“While regulators and policymakers have responded proactively with a flurry of new policies and regulations designed to address these new risks, these have largely focused on strengthening the cyber resiliency of mainstream financial services,” he said.

He added that there was growing realization that this approach often neglected the needs of the unbanked or underbanked, who were particularly exposed to cybersecurity threats as they were more likely to be using older and less sophisticated technology.

“A financial ecosystem is only as strong as its weakest link. Cyber criminals will not attack the most well protected point, but rather its weakest,” he said.

“Differences in the segment’s preferred banking channels, level of cyberliteracy, reliance on mobile devices and third-party agents pose additional challenges in formulating or implementing relevant cybersecurity regulations.”

Participants from 24 AFI member institutions in 23 countries are attending the event in Kuala Lumpur, which focuses on one of the Alliance’s latest knowledge products, Cybersecurity for Financial Inclusion: Framework and Risk Guide. The report provides key principles and best practices to assist regulatory and supervisory authorities in devising tools for the financial sector to deal with cybersecurity risks.

Training is being led by Central Bank of Armenia’s Komitas Stepanyan, who also chairs the cybersecurity subgroup within AFI’s Digital Financial Services Working Group.

Reflecting the topic’s importance across a number of banking systems, event participants have come from several key departments within AFI member institutions, including bank supervision, information technology, risk management and payment systems.

Over the coming days, participants will explore a variety of topics including gender, national responses, risk supervision and cybersecurity strategies. The event is the first of three slated to be co-hosted this year by BNM, whose premises act as AFI’s permanent headquarters in Kuala Lumpur.

Malaysia is well-positioned to co-host the member training having ranked eighth in the world and second in Asia-Pacific for its cybersecurity commitments, according to the 2018 Global Cybersecurity Index.

AFI’s capacity building service is based on the peer-learning model, in which participants gain knowledge by sharing and exchanging information. Each training event is designed to meet the learning needs identified by members and delivered, most often, by the members themselves ensuring optimal use of the experience and expertise of the network. AFI Building Capacities for Development is a thriving platform to gain knowledge and practical skills required to realize the financial inclusions goals of financial regulators.