|
The cyber resilience oversight expectations are based on the global guidance on cyber resilience for financial market infrastructures from an oversight perspective. This guidance was published by the Committee on Payments and Market Infrastructures and the Board of the International Organisation of Securities Commissions (CPMI-IOSCO) in June 2016. FMIs were required to apply the guidance immediately, and overseers have been working to develop an oversight approach for assessing the FMIs within their jurisdiction against the guidance.
The cyber resilience oversight expectations serve three key purposes:
they set out clear criteria against which the overseers assess the FMIs for which they are responsible, helping them to determine the FMIs’ level of resilience against cyber threats;
they provide FMIs in the euro area with concrete steps to implement the guidance and enhance their cyber resilience over a prolonged period of time; and
they provide the basis for a meaningful discussion between the FMIs and their respective overseers.
The safe and efficient operation of FMIs is essential for maintaining and enhancing financial stability and economic growth, which the ECB promotes under its oversight mandate for the smooth operation of payment systems in the euro area. If not properly managed, FMIs can be sources of financial shocks, such as credit losses. They can also be a major channel through which these shocks are transmitted across domestic and international financial markets.
FMIs and other interested parties are invited to submit comments on the draft cyber resilience oversight expectations by 17:00 CET on 5 June 2018.