Advancing macroprudential tools for cyber resilience : operational policy tools : a review of national and pan-European frameworks

Cyber threats continue to pose significant risks to financial stability in the EU and beyond. The persistently heightened cyber threat environment in Europe is evidenced by the sabotage of undersea telecommunications cables, the disruptions to systems in large banks and third-party providers, and the increased sophistication of cyberattacks and the skills of hackers. This shows how even financial institutions with mature cybersecurity and tested disaster plans are not immune to cyber risk. It also highlights that financial institutions need to assess their own third-party providers' cybersecurity fitness in the interests of overall financial stability. Incidents like the ransomware attacks on the ION Group and ICBC Financial Services in 2023 show that key economic functions such as securities trading and the US Treasury market impact financial markets (see Box 1). Also, if contingencies and mitigants had not been available or had not worked effectively, these incidents could have been amplified and could have had a significant impact on firms, with potentially systemic financial stability impacts. Recovery from a serious ransomware attack takes time and if a key node in the financial system is affected (such as a financial market infrastructure, FMI) it will be likely to crystallise systemic impacts and require the authorities to take action to prevent financial stability contagion.