Dossier on cyber risks

The cyber risks faced by the financial market remain high. The management of cyber risks was therefore a focal point of FINMA’s supervisory activity in 2023.

Cyber risks remain one of the biggest operational risks for supervised institutions. The Swiss financial sector has not been left unscathed by cyberattacks.

In 2022, successful cyber attacks on companies across all sectors hit the headlines once again, both in Switzerland and worldwide. FINMA also identified an increasing number of reported cyber attacks on supervised institutions.

Increasing professionalisation of criminals and ever shorter times between the announcement and exploitation of critical security vulnerabilities are keeping the financial industry on its toes.

During the year under review, successful cyber attacks on established companies from all industry sectors, both in Switzerland and the rest of the world, were reported in the headline news. FINMA has also observed an increasing number of reported cyber attacks. Since the entry into force, in September 2020, of the clarifications on the duty to report cyber attacks, as published in FINMA Guidance 05/2020, a total of 95 cyber attacks of substantial importance for the affected institutions have been reported. The worst-affected institutions were banks, followed by asset managers and insurance companies.

The coronavirus pandemic has given an extra boost to digitalisation. However, greater digitalisation also increases the dependency on information communication technologies, which can give rise to significant vulnerabilities at Swiss financial institutions. For example, IT system outages and disruptions, particularly those resulting from cyberattacks, can jeopardise the availability, confidentiality and integrity of critical services and functions. 

Dependency on information and communications technologies continued to rise in 2020. This was driven by the digitalisation strategies pursued by the supervised institutions and was intensified even further by the pandemic-driven extensive shifts towards home-office working. This dependency has rendered financial institutions increasingly vulnerable to cyber attacks. FINMA therefore assessed this risk to be even higher than in the previous year. It considers it to be one of the seven top risks faced by the Swiss financial centre.

The high and ever-growing dependency on and interconnectivity of information and communication technologies gives rise to pronounced vulnerabilities among Swiss financial institutions. For example, outages of and disruptions to IT systems, particularly those resulting from cyberattacks, can jeopardise the availability, confidentiality and integrity of critical services and functions. Depending on the nature of the cyberattack in question, this can have repercussions not only for individual financial institutions but on the functioning of the Swiss financial centre as a whole.

Technological progress and the latest trends have led to FINMA stepping up its supervision of cyber risks. These risks are monitored directly, for example through focused on-site audits by FINMA, and monitored by audit firms as part of the regulatory audit process.

The high and ever-growing dependency on and interconnectivity of information and communication technologies give rise to pronounced vulnerabilities among Swiss financial institutions. For example, outages of and disruptions to IT systems, particularly those resulting from cyberattacks, can jeopardise the availability of critical services and functions.

Supervision is focusing on technology-driven risks such as the threat of cyber attacks and the risks associated with outsourcing.

Swiss banks must guard their infrastructure against various types of attack. In addition to phishing, malware and disruption to the availability of computers, the debilitating scenarios Swiss financial institutions face are growing ever more sophisticated and complex.