Noting that cyberthreats and incidents in the financial sector in Jamaica pose a serious hazard to financial stability, the Bank of Jamaica, BOJ, has issued a new consultation paper with guidelines indicating that the buck stops with the boards of banking institutions in relation to the containment of the risk.
The proposed guidelines on the ‘Management of Cyber Risks’ have been posted online by the BOJ for feedback that might be used to refine the document. They guidelines are intended to establish minimum standards on the management of cyber risk for banking licensees and will become binding once finalised.
The draft puts the onus on boards of directors for establishing the banking or deposit-taking institution’s cyber risk tolerance and overseeing the implementation of cyber risk management strategies, policies, procedures and controls that support the continuity of critical operations and core business lines.
Currently, bank fraud is an $800-million problem or thereabouts.
The management of the risks is expected to take into account interconnected factors associated with third-party dependencies, such as supply chain, procurement and outsourcing….
