Eurozone banks will be required to report major cyber incidents to the European Central Bank, as part of the bloc’s attempts to get a grip on a growing threat to financial stability.
In a speech on Monday, Sabine Lautenschläger, the ECB’s vice chair for supervision, said that as of this summer banks would have to log “major incidents” of cyber attack with the central bank.
The move comes a year after the ECB trialled a “cyber reporting framework” for lenders, allowing them to register attacks with the ECB – which has direct supervisory responsibility for the region’s most systemically important banks.
Ms Lautenschläger, who also sits on the ECB’s governing council, said:
“This will help us to assess more objectively how many incidents there are and how cyber threats evolve. It will also help us to identify vulnerabilities and common pitfalls.”
Cyber attacks on banks have been on the rise in recent years. In January, an international criminal gang hit some of the UK’s largest banks, bringing down digital services at Lloyds Banking Group intermittently for more than two days.
“We take cyber risk very seriously, and we approach it from various angles. My advice to banks is to do the same. It is vital to be alert and ready to react”, added Ms Lautenschläger.