Regulators consider cyber stress tests at EU banks
The European Union is considering "stress tests" of banks' defences against cyber attacks, officials have said, as concerns grow about the industry's vulnerability to hacking.
Cyber attacks against banks have increased in numbers and sophistication in recent years, with criminals finding new ways to target banks beyond trying to illicitly obtain details of their customers' online accounts.
The UK's Lloyds Bank has emerged as the latest lender to be the target of a cyber attack that two weeks' ago led to customers being locked out of online accounts.
The Central Bank here brought in new guidelines last year that apply to all regulated financial firms - including banks and insurers - in an bid to prevent attacks by raising technology standards.
Internationally, complex cyber attacks continue to rise. Banks "are struggling to demonstrate their ability to cope with the rising threat of intruders gaining unauthorised access to their critical systems and data", a report from the European Banking Authority (EBA) warned in December.
The next step from European regulators to boost security could be an EU-wide stress test. The European executive commission is assessing additional initiatives to counter cyber attacks, a commission official told Reuters. "These include cyber-threat information sharing or penetration and resilience testing of systems."
The ECB last year announced plans for a database to register incidents of cyber crime. The Commission is studying whether EU-wide tests would help step up security, a source said.
The EBA, which is in charge of stress-testing banks, is expected to detail in summer the checks it intends to conduct in the next exercise, which is planned for mid-2018.
An EBA official said cyber security was on the agency's radar but no decision had been made on a possible stress test. EBA chairman Andrea Enria has urged EU states to stress-test their financial institutions for cyber risks. (Reuters)