BSP arms banks with tools to ward off cyberattacks

MANILA, Philippines - The Bangko Sentral ng Pilipinas (BSP) has taken a proactive stance to arm Philippine banks with the necessary tools to address the increasing level of cyberattacks that continue to confront the global as well as local financial communities.

BSP Governor Amando Tetangco Jr. said in an interview the regulator has been issuing regulations as well as advisories about the importance of bolstering cybersecurity among financial institutions.

“There will always be attempts but what is important is that you have the necessary firewalls to repel such attempts,” he told The STAR.

He pointed out the BSP has been continuously enhancing its supervisory framework through the issuance of necessary guidelines, public advisories, and memoranda as well as the adoption of a robust and dynamic supervisory program.

“If left unmanaged, these (cyber-attacks) can cause financial instability and the erosion of trust and confidence in the financial system,” he added.

Tetangco said the BSP has created a Cybersecurity and Oversight Surveillance Staff (CSOS) to study cybersecurity threats with the aim of enhancing regulatory policy framework and institutionalizing cybersecurity due diligence within the financial industry.

He pointed out the BSP is also conducting specialized trainings on cybersecurity and obtaining security-specific certification for supervisors and at the same time requiring BSP supervised financial institutions (BSFIs) to adopt risk-based cybersecurity controls, processes, and tools.

Furthermore, he said the BSP has issued the guidelines on business continuity management as well as cybersecurity risk management framework.

The BSP chief added the regulator has orders banks to adopt multi-factor authentication techniques for high-risk transactions and sensitive communications.

The BSP, he said, the central bank has also issued the guidelines on social media risks.

Massive cyberattacks spread throughout the world last week affecting computer systems in over 100 countries. The global “ransomware” spread malicious software around the globe shutting down networks at hospitals, banks, and government agencies.

The BSP has been beefing up its anti-money laundering measures after $81 million worth of funds stolen by hackers from the account of the Bangladesh Bank at the Federal Reserve Bank in New York entered the country through Rizal Commercial Banking Corp. (RCBC) in February last year.

Incoming BSP Governor Nestor Espenilla Jr. has issued Memorandum No. 2017-017 instructing BSFIs to sustain resilience efforts and continue to perform rigorous risk assessments of their current technology environment.