ECB launches public consultation on cyber resilience oversight expectations
- ECB calls for input on draft cyber resilience oversight expectations for financial market infrastructures
- Draft document defines ECB’s expectations in terms of cyber resilience, based on existing global guidance
- Consultation runs until 17:00 CET on 5 June 2018
The European Central Bank (ECB) is today launching a public consultation calling on financial market infrastructures (FMIs) and other interested parties to give their input on draft cyber resilience oversight expectations. Cyber resilience is an important aspect of FMIs’ operational resilience and is thus also a factor affecting the overall resilience of the financial system and the broader economy.
The cyber resilience oversight expectations are based on the global guidance on cyber resilience for financial market infrastructures from an oversight perspective. This guidance was published by the Committee on Payments and Market Infrastructures and the Board of the International Organisation of Securities Commissions (CPMI-IOSCO) in June 2016. FMIs were required to apply the guidance immediately, and overseers have been working to develop an oversight approach for assessing the FMIs within their jurisdiction against the guidance.
The cyber resilience oversight expectations serve three key purposes:
(i) they set out clear criteria against which the overseers assess the FMIs for which they are responsible, helping them to determine the FMIs’ level of resilience against cyber threats;
(ii) they provide FMIs in the euro area with concrete steps to implement the guidance and enhance their cyber resilience over a prolonged period of time; and
(iii) they provide the basis for a meaningful discussion between the FMIs and their respective overseers.
The safe and efficient operation of FMIs is essential for maintaining and enhancing financial stability and economic growth, which the ECB promotes under its oversight mandate for the smooth operation of payment systems in the euro area. If not properly managed, FMIs can be sources of financial shocks, such as credit losses. They can also be a major channel through which these shocks are transmitted across domestic and international financial markets.
FMIs and other interested parties are invited to submit comments on the draft cyber resilience oversight expectations by 17:00 CET on 5 June 2018. Responses should be sent by email, using the comments template, to ECB-Oversightfirstname.lastname@example.org. Following the public consultation, the individual comments together with a feedback statement will be published on the ECB’s website.
For media queries, please contact Lena-Sophie Demuth, tel.: +49 69 1344 5423.
The ECB promotes the safety and efficiency of payment, clearing and settlement systems in the euro area under its oversight mandate, guided by oversight regulations, standards, guidelines and expectations. At Eurosystem level, the ECB is the competent authority for the systemically important payment systems in the euro area: TARGET2, EURO1 and STEP2-T and is the lead overseer for TARGET2-Securities; oversight of other payment systems lies with the national central banks.