Cyber Tops Bank Risk List for 2023: EY
Chief risk officers say they are seeing cybersecurity risks everywhere, new survey shows
- Written by Banking Exchange staff
Bank risk chiefs rank cybersecurity as their top risk management priority for 2023, according to a new survey from EY.
The global consultancy giant’s annual survey of bank chief risk officers (CROs) found 72% of respondents ranked cybersecurity among their top five risk priorities for this year.
“CROs see cyber risk everywhere — in every line of business, in day-to-day operations and transformation programs, and across extensive partner and supplier networks,” wrote EY’s Jan Bellens, Bill Hobbs and Christopher Woolard.
“Cyber risk is prominent on both short-term and long-term agendas. 58% of survey respondents chose their inability to manage cybersecurity risk as the top strategic risk for the next three years.
Overall, the second biggest risk was credit, according to the survey, with 59% of respondents selecting it. As global economic conditions remain volatile and inflation stays high, this risk could become the number one priority for many more banks, EY suggested.
Environmental risks — including climate change — ranked third, selected by 36% of respondents.
Four in five respondents (81%) said digital transformation was an increased priority for their bank, while automation and “advanced analytics”, including the use of artificial intelligence, were also becoming more important areas for banks.
Longer term, the global survey found 65% of chief risk officers planned to focus on climate risk over the next five years — although this level varied significantly by region.
The survey comes as a new report from the Office for Financial Research highlighted cybersecurity and specifically state-sponsored cyber attacks as one of six major threats to US financial stability.
The number of cyber attacks aimed at financial institutions globally has increased in recent years compared to the early 2010s, according to data from the Carnegie Endowment for International Peace.
Tagged under Risk Management, Feature3, Feature, Cyberfraud/ID Theft, Compliance/Regulatory, Operational Risk, Security,