Why Cybersecurity is a Concern for Financial Regulators

In March 2017, the German Federal Financial Supervisory Authority (BaFin) held their third conference covering IT supervision for banks. At the conference in Bonn, BaFin President Felix Hufeld told the more than 400 attendees that cyber-risks are one of the most substantial facing the German financial sector. Cybersecurity risks are indeed immense, as banks are susceptible to theft, data breaches and denial of service attacks. In a recent study from KPMG, 38% of responding German companies reported to having been a victim of cyber-crime in the past two years. One in twenty reported losses of more than 1 million euros due to cyber-attacks.

The monetary costs for businesses are obvious. However, for the financial sector the costs can be farther reaching. Since financial institutions, public and private, play a critical economic function, the fallout from a cyberattack on an institution can trickle down into the rest of the economy and society. For this reason, cybersecurity has become a significant concern for financial regulators around the world. At the 2017 Frankfurt Finance Summit, Felix Hufeld will join Dr. Andreas Dombret, Executive Board Member of the Deutsche Bundesbank, for a panel discussion on the challenges of cybersecurity and innovation.

At the March conference on IT security, BaFin introduced new additions that will be made to the Minimum Requirements for Risk Management (MaRisk) concerning IT Security. The German regulator worked in cooperation with Deutsche Bundesbank on the forthcoming guidelines, called Bank Supervision Requirements for IT (BAIT), which are expected for the middle of 2017. BAIT aims to help banks understand the supervisory expectations regarding cybersecurity strategy. The guidelines will place new pressure on management boards to assume responsibility for strategically managing cyber-risks. At an event in 2016, Dr. Andreas Dombret referenced these responsibilities, explaining, “We therefore demand that banks clarify what is at stake and how the risks are supposed to be governed. This is called a cyber strategy, and every bank is required to have a convincing one.”

Not just German regulators are demanding higher cybersecurity standards from the financial sector. The New York State Department of Financial Services (DFS) has outlined new cybersecurity requirements for financial services companies which came into effect in March 2017. Amongst other items, the new regulations establish requirements for formal cybersecurity programs, incident reporting, and data encryption. Additionally, the New York regulators place the ultimate responsibility for cybersecurity with management boards and requires the employment of a Chief Information Security Officer charged with overseeing and implementing the cybersecurity program and enforcing its policies. The USA’s federal regulators are following suit and currently drafting regulations that would place stricter standards on sector-critical firms.

In January 2017, Jens Weidmann, President of the Deutsche Bundesbank, clearly explained that increasing reliance of market infrastructures on digital technologies has made the global financial system even more vulnerable to cyber-risks. Weidmann maintains that “The damage unleashed by successful attacks goes beyond the financial loss incurred. Cyber-attacks can potentially undermine peoples’ trust in the financial system.” This trust is critical to banks and financial services ability to serve their important role in society. Thus, it is understandable that cybersecurity falls within the purview of financial regulators and for them to set clear requirements, just as they would capital requirements, for example. Weidmann concluded by saying, “to avoid jeopardising the positive impact of digital finance, it will be crucial to address these risks and for banks to manage their IT and cyber risks with as much diligence as they do their traditional banking risks.”

These regulatory questions regarding cybersecurity will be addressed at the seventh Frankfurt Finance Summit, titled Europe Reloaded – Challenges for the Financial Sector. Felix Hufeld and Dr. Andreas Dombret will be joined by panel moderator and international economist Cornelia Meyer to discuss the challenges of cybersecurity and innovation.

Long-Term Financing – a stable road towards securing economic growth

At the 2017 Frankfurt Finance Summit, titled Europe Reloaded – Challenges for the Financial Sector, the transformation of long-term financing will be explored in the third panel discussion. Long-term financing is a crucial linkage between the financial and real economy, ensuring growth and stability. Furthermore, long-term financing plays an important role in society, facilitating the funds needed to undertake large infrastructure projects. Providing financing is one of banks’ natural functions. Regulatory requirements following the financial crisis have restricted banks’ ability, and to some extent, willingness to lend. Banks are increasingly unable to meet the rising demand for credit, which has led to non-bank actors becoming providers of long-term capital. However, these are not subject to the same regulations as banks, which creates new risks to financial stability.

Fueling growth and innovation

Long-term financing is a key factor for ensuring sustainable growth in the real economy. As companies expand and invest in new technology, financing is critical. Providing credit to businesses facilitates investment in expansion, new equipment and technology, R&D and personnel. This investment fuels real economic growth and helps European businesses remain competitive in the global arena. Long-term financing also helps banks and businesses look towards the future and increases stability. It allows banks to plan for the long term and to organize their liquidity management, which means they can reduce their vulnerability to short-term changes in capital markets and level out fluctuations in interest rates.

A bridge to the future

Much like a business’s financing requirements for investing in new technology and equipment, governments at every level require long-term financing for large infrastructure projects. Germany’s Ministry of Transport estimates that an investment of 7.2 billion Euros will be needed each year to maintain just the federal republic’s roads, railways and waterways. An expanding digital infrastructure challenges municipalities – in today’s digital economy, subpar connectivity is not an option.

The transition away from fossil fuels and atomic energy towards renewable sources of energy requires an enormous long term investment. In 2016, Germany spent 25 billion Euros on renewable energy. A byproduct of this investment has been the creation of hundreds of thousands of jobs, besides the obvious sustainable sources of energy to power its cities and industry. A growing economy demands a strong infrastructure, which is one factor that contributes to Germany’s attractiveness as a business location. Long-term investment in these infrastructure projects protects an economy’s future capacity for growth.

Finding the delicate regulatory balance

After the financial crisis, regulations have introduced much needed safeguards in the banking sector, but some argue that the demands of Basel III and Solvency II serve to disincentivize banks from long-term lending activities. Since margins are lower in long-term lending, incentives for carrying this risk on their balances sheets are very low. The European Commission addressed this issue in its 2013 Green Paper, encouraging other financial intermediaries to participate in long-term financing.

However, this is not a perfect scenario because these nontraditional intermediaries are not subject to the same regulations as banks. This creates an unlevel playing field and creates new risks for the economy. It is difficult to evaluate the health of the shadow banking sector. Stabilizing the banking sector through regulation will not augment overall stability if less regulated actors create new risks. The challenge facing regulators, governments and the financial sector is to find a balance that allows the free flow of credit into the economy while protecting tax payers from potential bail out scenarios.

At the 2017 Frankfurt Finance Summit, Jens Tolckmitt, CEO of the Association of German Pfandbrief Banks, will chair the panel The Transformation of Long-Term Financing, exploring how the financial sector, regulators and governments can address these challenges on the horizon. Joining Tolckmitt on the panel will be Wolfgang Kirsch, CEO DZ Bank, Michael Rüdiger, CEO DekaBank, and Roland Boekhout, Chairman of the Management Board, ING-DiBa. More information about the Frankfurt Finance Summit on April 26, 2017 can be found here.