PETALING JAYA: Cybercrime remains a growing concern with the rampant rise in new ways to scam and fraud people, and a shortage of talent in the field of cybersecurity remains acute in the financial services sector.
Moving ahead, financial institutions can expect a more challenging operating environment.
This is as innovations such as cloud services and artificial intelligence become more common in the future, heightening cybersecurity risks amidst rising customers’ expectations of better security and safety, said Kenanga Research.
It said there were also legal challenges involved when dealing with different jurisdictions for the financial institutions.
Cross-organisational and cross-border cooperation is essential to address the seamless world of cyberspace.
Coordinated surveillance and assessment are crucial not only for effective risk mitigation, but also for the successful arrest and prosecution of perpetrators, it said.
It said one key issue for customers is the return of monies lost in fraudulent transactions. There needs to be better and stronger regulations and laws that compel quicker refunds.
While customers themselves are the best defence in the battle against scammers, it is imperative that banks play a bigger role in keeping customers informed and aware of potential private data breaches and scam tactics.
Due to the limitations of disclosures, it is a challenge to establish a benchmark between the listed financial institutions.
It said the current industry practice includes reporting on data privacy and cybersecurity efforts within the “sustainability statements” in their respective annual reports, although consistency between them could be further enhanced.
It is still appreciated that information provided offers a sense of effort taken by the respective banks, such as materiality matrix and risk management frameworks, referenced legislations and guidelines, staff education and training on cybersecurity and awareness, it added.
Kenanga Research has an “overweight” call on the banking sector and it believes the sector’s resilience is under-appreciated amidst looming market-wide concerns.
However, to enable a more comprehensive perception to be established, it proposed for disclosures to include more transparency and with more numerical emphasis, albeit gathering that this information could be sensitive towards the reputational risks to the banks.
These items could include frequency of cyber risk incidences and timeliness of resolution, and the financial losses incurred.