Keeping one’s money in and transacting through banks remains “generally safe” considering that clients affected by cyber crimes represent an insignificant fraction of the market, according to the Bangko Sentral ng Pilipinas (BSP).
“I think it’s still generally safe to use our banking system. We are not underestimating the losses suffered by those customers who were unduly affected by this [BDO hacking] incident,’ said Melchor Plabasan, director of the BSP’s Technology Risk and Innovation Supervision Department.
“We have been checking the number of accounts, which have been compromised, not only with this incident, but some of the [previous] incidents, and it’s still way, way below one percent relative to the total size of the market,” Plabasan said in a press briefing.
He said that the chances of one becoming a victim of cyber crime “is very minimal.” When pressed for details, Plabasan said statistics were not yet available.
“But, then again, we are working with the industry to ensure that the losses [sustained by customers] will be reimbursed and that the industry will continuously upgrade their security systems,” Plabasan added.
Also, BSP Governor Benjamin Diokno said the regulator was carrying out major policy initiatives to further build up the financial system’s cyber defenses and overall resilience amid increased digitalization in the Philippines.
Diokno said the BSP was in the final stages of issuing a circular mandating the adoption of robust fraud management systems and temporary holding of funds as part of BSFIs’ Enhanced Due Diligence (EDD), referring to BSP-supervised financial institutions.
“As digital transformation and cyberthreats simultaneously evolve, we are working closely with [BSFIs] and stakeholders on pioneering and cohesive solutions to promote innovation while ensuring the safety and resilience of the financial system,” the BSP chief said.
Diokno added that, in the same vein, the BSP, in coordination with banking associations, recently issued an industry playbook development guide on ransomware.
Developed in the aftermath of the recent high-profile cases involving ransomware in the United States and other parts of the world, the industry guide contains best practices and recommended controls to help companies effectively manage ransomware attacks.
Further, the BSP is also developing the Financial Services Cyber Resilience Plan (FSCRP) which will serve as a primary and cohesive framework to promote trust and cooperation, intelligence sharing, and adoption of cybersecurity best practices and standards among BSFIs.