The Federal Financial Institutions Examination Council (FFIEC) members today advised financial institutions, consistent with existing regulatory expectations, to actively manage the risks associated with interbank messaging and wholesale payment networks. In a statement, the FFIEC also stressed that financial institutions should review risk-management practices and controls related to information technology systems and wholesale payment networks, including risk assessment; authentication, authorization and access controls; monitoring and mitigation; fraud detection; and incident response.
The joint statement notes that recent cyber attacks have targeted interbank messaging and wholesale payment functions at financial institutions to originate unauthorized transactions. These unauthorized transactions may subject a bank that originates such transactions to losses and compliance risk.
Financial institutions may find additional information on risk management and cybersecurity threat management on the FFIEC’s website at http://www.ffiec.gov/cybersecurity.htm (opens new window).