Criminals are exploiting vulnerabilities opened up by the Covid-19 lockdown, increasing the risks of cyber attacks, money laundering (ML) and terrorist financing (TF).

Authorities worldwide have responded by drawing financial institutions' attention to these threats and by providing guidance on ways to improve cyber security and mitigate ML and TF risks.

Financial authorities are warning financial institutions to be particularly watchful in relation to their IT networks and non-public data; third-party risk; and cyber security incident response plans; and to focus additional effort on staff training and awareness.

 Financial authorities also emphasise the need for financial institutions to be vigilant of new ML and TF risks and to continue meeting anti-money laundering (AML) and combating the financing of terrorism (CFT) requirements, while using the flexibility built into the AML/CFT risk-based framework, digital customer on-boarding and simplified due diligence processes.

In both areas, the official guidance underscores the trade-offs between expecting financial institutions to enhance or adjust their cyber resilience and AML frameworks and, on the other hand, avoiding imposing an excessive burden that could hinder financial institutions in delivering key financial services.