With 46% of UK business reporting a cyber attack during 2019/2020 and 32% reporting at least one a week – see the UK Government’s Cyber Security Breaches Survey 2020 – the UK’s Financial Conduct Authority (“FCA”) has issued a timely warning to market participants of increasing cyber security threats in the wake of COVID-19.
Operational resilience remains a key priority for the regulator, with cyber threats posing a significant risk to firms and clients. The FCA’s clear focus on this area (along with other regulators worldwide) means that firms need to stress test their existing frameworks as a priority.
Earlier in the year, the FCA set out its expectations of continued vigilance in a Dear CEO letter to Asset Managers, which identified key risks in the area of AML failures, technological failures or cyber-attacks. Since then, there has been a series of communications, including the 2020/21Business Plan, podcasts and speeches, which focus on the need for firms to review their existing policies and procedures concerning operational resilience.
The FCA’s Cyber Security Groups (which included subsectors in Investment and Fund Management), identified key security…
