BaFin Considering Cybersecurity Stress Tests

The head of the Federal Financial Supervisory Authority (BaFin) said on Tuesday that financial institutions need to strengthen their cybersecurity procedures.

Speaking at a conference in Frankfurt, Felix Hufeld, the president of the German regulator, said that “IT security is a matter for the boss.”

At the same event, Hufeld also said that BaFin and Germany’s central bank - the Deutsche Bundesbank - were considering forcing banks to start running cybersecurity stress tests.

Currently, there is some legislation in action throughout the European Union that forces firms to adhere to certain practices.

Most notably, General Data Protection Regulation (GDPR), which anyone who has stepped foot in an office over the past two years will be aware of, went live earlier this year.

GDPR - not enough for BaFin

The hope and joy of workers all across the globe, GDPR requires firms to report any data breaches affecting EU residents within 72 hours. It also allows site users to more easily opt-out of sharing their data.

Breaches of the Regulation Regulation Like any other industry with a high net worth, the financial services industry is tightly regulated to help curb illicit behavior and manipulation. Each asset class has its own set of protocols put in place to combat their respective forms of abuse.In the foreign exchange space, regulation is assumed by authorities in multiple jurisdictions, though ultimately lacking a binding international order. Who are the Industry’s Leading Regulators?Regulators such as the UK’s Financial Conduct Authority ( Like any other industry with a high net worth, the financial services industry is tightly regulated to help curb illicit behavior and manipulation. Each asset class has its own set of protocols put in place to combat their respective forms of abuse.In the foreign exchange space, regulation is assumed by authorities in multiple jurisdictions, though ultimately lacking a binding international order. Who are the Industry’s Leading Regulators?Regulators such as the UK’s Financial Conduct Authority ( Read this Term are also harsh. Firms that slip up can be fined €20 million ($22.79 million) or 4 percent of their annual revenue - whichever is higher.

Though GDPR has been the talk of every board meeting for the past couple of years, it is not exactly cybersecurity regulation.

In fact, its precepts are much more geared towards - as its name suggests - protecting customer data. True, there are fines for not reporting data breaches, but it doesn’t require firms to do anything to protect that data.

To those working in Liquidity Liquidity The term liquidity refers to the process, speed, and ease of which a given asset or security can be converted into cash. Notably, liquidity surmises a retention in market price, with the most liquid assets representing cash.The most liquid asset of all is cash itself.· In economics, liquidity is defined by how efficiently and quickly an asset can be converted into usable cash without materially affecting its market price. · Nothing is more liquid than cash, while other assets represent The term liquidity refers to the process, speed, and ease of which a given asset or security can be converted into cash. Notably, liquidity surmises a retention in market price, with the most liquid assets representing cash.The most liquid asset of all is cash itself.· In economics, liquidity is defined by how efficiently and quickly an asset can be converted into usable cash without materially affecting its market price. · Nothing is more liquid than cash, while other assets represent Read this Term or banking book risk, Hufeld’s suggested stress tests will be familiar.

Regulators’ endless demands for liquidity stress tests, whether it be meeting the net stable funding ratio (NSFR) or liquidity coverage ratio (LCR), give some idea as to what a cybersecurity stress test may look like.

Will the cyborgs in Brussels and Berlin start mandating them soon? Watch this space.