Skip to content

News

Russian invasion of Ukraine: operational and cyber resilience

FCA Consumer Duty
Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn
The FCA has set out the below points that you should consider regarding your firm’s operational and cyber resilience following Russia’s invasion of Ukraine:

 

Although the National Cyber Security Centre (NCSC) is not aware of any current specific cyber threats to the UK following events in Ukraine, the NCSC has supported US President Biden’s call for increased cyber security vigilance among firms in response to Russia’s invasion of Ukraine.

We recommend firms follow their actionable guidance as a priority, to reduce your risk of cyber compromise.

Cyber security

Alongside the guidance listed above, the NCSC have issued guidance for various sizes of firms:

We also encourage firms to review the NCSC’s Cyber Essentials scheme.

You should consider your ability, and that of your third-party providers, to withstand a cyber attack. You should take all appropriate steps to shore up your controls, including raising staff awareness: that may, for example, include re-running staff ethical phishing campaigns. Consider if your staffing levels are appropriate to deal with an elevated cyber risk.

Important business services

You should consider the implications of the continuing unrest and UK/US/EU sanctions and how that might impact upon your firm and your third-party providers, and whether this could affect your ability to deliver your important business services.

Business continuity and incident management

You should ensure your business continuity and incident management arrangements are up to date, ensuring that you can continue to function and meet your regulatory obligations in the event of unforeseen disruption.

Reporting incidents

You should be ready to report material operational incidents to the FCA in a timely way.

During this period, it could be extremely valuable to the FCA and other UK authorities to be notified quickly of developing cyber incidents or outages, so that we can provide specialist expertise and work to minimise harm to consumers, markets and the wider UK financial sector.

See how to report an operational disruption.

False information

You should be alert to the risk of false information being gathered or shared about the operations of a particular firm or the financial services sector, or about your staff. This could be, for example, information shared on social media.

If false information is circulated about your firm, you should have a prompt, clear response to try and prevent that information being acted upon.

 

Source: FCA

Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

Related Posts

financial crime compliance

The escalating costs of global financial crime compliance

The digital revolution, spearheaded by digital banking, cryptocurrency, artificial intelligence (AI), and digital payment systems, has significantly contributed to the exponential rise in global financial crime compliance costs. According to
Read More >
Safeguarding: Is your firm compliant?

Safeguarding: Is your firm compliant?

With the Financial Conduct Authority (FCA) paying more and more attention to firms safeguarding arrangements to ensure customer funds are sufficiently protected, many firms are approaching Neopay for guidance and
Read More >