Banks under BSP Orders to Fight Cyber Threats


The Bangko Sentral ng Pilipinas (BSP) also known by BSP, has ordered the banks and the financial institutions to establish a collective, coordinated and as well as strategic cyber response through information sharing and collaboration procedure in order to further strengthen the industry’s resilience amidst the increasing cyber threats. Restituto Cruz, the sector-in-charge of the Financial Supervision Sector of the Central Bank has issued the Memorandum “2019-016” reminding all the banks about cyber threat intelligence and collaboration as already stated.

Cyber security network concept, Man protect network in smartphone.

Cruz has reminded all the banks and financial institutions regarding the Circular 982 that was issued in November 2017, making it mandatory moderate to complex BSP supervised financial institutions in the bid to actively participate in the information sharing organizations within the financial services industry. Cruz said that the major players in the banking industry should at any cost participate in the Cyber security Incident Database (BAPCID) that is being hosted by the Bankers Association of the Philippines (BAP) as cyber attacks could be launched even against the banks with simple information technology profiles pretty soon.

As stated by Cruz, the industry-wide cyber threat and the best practices sharing platform would successfully raise the level of situational awareness as the information on latest tactics, techniques and procedures of the cyber threat actors reaching out for targeting financial institutions includes those in the dark web.

Furthermore, he added that the platform would lead to a much faster, convenient and secure way of alerting the banks and providing rigid guidance in preventing and as well as remediating the imminent cyber threats and attacks. It has also been seen that during the last October, the BSP had raised the bar for its campaign against the cyber crime by making it mandatory for the banks and financial institutions to report all of the security breaches within two hours. The Central Bank has also approved the pioneering guidelines on the information security management that place a renewed focal point on the cyber security hence promoting the cyber resiliency of the entire banking industry.

The enhanced information security framework has successfully strengthened the cyber security controls in line providing a rapidly evolving cyber threat landscape surrounding all of the financial institutions. The latest guidelines and one of the first in Southeast Asia covers a holistic framework on the information security risk management as an integral part of the information security program of the banks, enterprise risk management system and as well as the governance mechanisms.

The cyber threat landscape has continuously evolved and is still growing with more threats surfacing in the cyber realm in an increasingly complex and sophisticated manner. The Philippines had been used as a channel when the hackers stole $81 million from the account of the Bangladesh Bank in the U.S. The stolen funds had been laundered in casinos that entered the country via the Rizal Commercial Banking Corp. (RCBC) and was later slapped with a record P1 billion fine. President Duterte has signed the “Republic Act 10927” amending RA 9160 or the Anti-Money Laundering Act of 2001 while stating that cash transactions of casinos in excess of P5 million must at any cost be reported to the Anti-Money Laundering Council without a fail.

Disclaimer: does not promote or endorse claims that have been made by any parties in this article. The information provided here is for the general purpose only and unintended to promote or support purchasing and/or selling of any products and services or serve as a recommendation in the involvement of doing so. Neither nor any member is responsible directly or indirectly for any loss or damage caused or alleged to be caused by or in relation with the reliance on or usage of any content, goods or services mentioned in this article.



Please enter your comment!
Please enter your name here