BNM-AFI Member Training on Cybersecurity For Financial Inclusion
Monday, 17 February 2020
Kuala Lumpur, Malaysia
Opening Speech by AFI Deputy Executive Director Norbert Mumba
- Daniel Chin Shen Li, Director, Risk Specialist and Technology Supervision Department, Bank Negara Malaysia
- Participants from AFI member institutions (some participants might be attending an AFI event for the first time)
- Komitas Stepanyan, Chair of the Cybersecurity Subgroup in DFS Working Group and Lead Trainer this week
- Resources persons from invited entities
- Colleagues from BNM and AFI
“Selamat Pagi” (Good morning) and a warm welcome to the BNM-AFI Member Training on Cybersecurity for Financial Inclusion. On behalf of Executive Director and AFI Management Unit I would like to appreciate your commitment to enhancing financial inclusion in the face of global health emergency. I wish to thank BNM, the AFI Events Team led by Prem and the Capacity Building led by Madhu for successfully putting this training.
This is our first member training for the year 2020 and let me start by thanking Bank Negara Malaysia (BNM) for hosting this event. Cybersecurity has been at the top of the agenda in the AFI network. While BNM and AFI have organized joint policy forums on cybersecurity, this is our first training, together with BNM on cybersecurity.
So, this morning I want to use this platform to share with you the importance of exploring new strategies that should underpin your institution’s cybersecurity. I know that everyone here is a disciple of cybersecurity and you are therefore more cognizant than most about the cyber threats the financial sector in your respective countries face today. But it is important for us to reflect to make sure we all have a clear picture of the current depth and scope of the threat, and how we can position ourselves to address that threat.
The growth of data networks, mobile financial services and electronic commercial platform applications have invariably led to growth of cyber exploitation and cybercrimes. a small mistake in securing data or inadequate cyber hygiene can prove to be extremely damaging and may lead to huge losses for both customers and financial service providers. In the case of accounts not adequately secured, it becomes a field day for hackers or unauthorized users to unleash viruses or social engineered attacks that are designed to steal data and even money leaving a financial sector that lacks customer confidence. It is therefore key for us to be resilient against such attacks to protect data from theft and manipulation.
According to the latest edition of the World Economic Forum's Global Risks Report, cyber-attacks feature in among the top ten - in terms of impact and likelihood, reflecting an overall increasing trend as technology shapes the risk landscape. According to a report by European Systemic Risk Board (ESRB), the estimated global cost of cyber attacks stands at between USD45 billion and USD 654 billion.
Business organizations, mainly small and medium-sized are most vulnerable and face challenges in protecting data owing to limited financial and technological resources and as a consequence, do not frequently upgrade security systems. However, good cybersecurity frameworks provide better awareness towards cyber security and proper planning and help such business organizations in protecting their information and trade secrets from being disclosed. This is the thrust of this training. I hope at the end of it all we will be better equipped to design and employ more effective processes.
Financial inclusion through digitization is being emphasized globally and is expected to expedite the inclusion of the 1.7 billion of the unbanked in a secured, easy and affordable manner.
This Member Training is anchored on the October 2019 AFI publication - Cybersecurity for Financial Inclusion: Framework and Risk Guide, This document is a result of the Sochi Accord on Fintech for Financial Inclusion, endorsed by the AFI membership at the Annual General Meeting in Sochi, Russia on 5 September 2018. The Accord recognizes that while technology is important to drive financial inclusion, the gains may be eroded if effective technological risk mitigation is not considered in the design and implementation of financial services. Hence, the Cybersecurity Framework and Risk Guide provides key principles and best practices that can guide and assist regulatory and supervisory authorities.
It is clear that no one is spared from the cyber-risks. This striking reality has the potential of eroding the gains of financial inclusion and more often than not cybercrimes and internet scams victimize the vulnerable online communities such as the elderly population, young adults, women and consumers from lower socio-economic section of the population. I hope we will during the next few days give special focus on initiatives on the cybersecurity awareness that could be undertaken at the national and Central Bank’s level targeting these communities to mitigate cyber risks.
Given the focus on digitizing financial inclusion resulting in the rapid innovations, it is not surprising that trainings on topics related to Digital Financial Services have been in high demand in the recent years. Trainings on regulatory innovation, cybersecurity, platform economy, data protection and privacy etc. have topped the list of learning needs. It is therefore not surprising that we get such an overwhelming response whenever we offer trainings on these topics. Such response to the training is perhaps in itself an indication of the relevance of the training to the work being done in member institutions. Our host country Malaysia itself has been ranked 8th in terms of its commitment to cybersecurity globally and ranked 2nd within the Asia-Pacific region in the latest Global Cybersecurity Index 2018 by the International Telecommunication Union (ITU). Please convey our appreciation to your management who makes your participation possible in AFI’s trainings.
We look forward to your active participation and contribution to this peer learning based training. Your feedback is invaluable to us, please share your thoughts with our team who will be with you through the week. Thank you once again for joining us, and I wish you a productive week ahead. Enjoy your stay in Malaysia, hope you have time to explore the country and this beautiful training center provided by Bank Negara Malaysia.