At the FCA’s annual public meeting today an audience member accused the regulator of being complacent about cyber security.
Andrew Bailey, chief executive of the Financial Conduct Authority, ranks cyber-attacks as the biggest and fastest growing threat to the industry after a number of high profile incidents occurred in the last year.
At the FCA’s annual public meeting today an audience member accused the regulator of being complacent about cyber security.
Bailey responded: “I say often if I have to rank risks and those risks that have increased in the last year or two; frankly in the last year in terms of their significance and materiality of what we’re facing I would put cyber at the top.
“The reality of cyber risk framework… affects us as much as it affects others. It’s a very important subject to us and we take it very seriously.”
Nausicaa Delfas, the firm’s acting chief operating officer, defended theFCA'srecord on cyber-security.
She said the FCA has developed CBEST testing framework to help firms and their regulators identify types of cyber-attack.
It has also launched a Cyber Coordination Group Initiative, where firms meet to discuss cyber security issues.
And it has formed specialist teams dedicated to international thinking on cyber resilience.
Shesaid: “We’re continuing to engage with firms where outages and cyber-attacks occur. Obviously we are raising the profile of the issue with the industry through speaking engagements and so forth.
“In terms of the responsibly at the FCA we are interested in cyber because of the impact on consumers – the fact that consumer data or assets can be lost, so we are interested in this from a consumer protection perspective.
“Also from a market integrity perspective because obviously you wouldn’t want data to be compromised or market abuse to occur.
“And in the interests of competition so the services are available and people can access the market."
She went on to say whenevera cyber incident occurs the FCA is often the first responder, alongside the Bank of England and the government's National Cyber Security Centre.