The World Council of Credit Unions urged the Financial Stability Board to consider the impact of it’s proposed revisions to international standards trying to achieve greater convergence in cyber incident reporting.  The comments came as part of the FSB’s consultation seeking to strengthen and harmonize frameworks surrounding operational resilience and the desire to increase efforts to reign in the effects of cyber incidents.

World Council agreed strongly with aspects of the consultation that are designed to get at the core roots and causes of cyber incidents.  It acknowledged that the findings of the FSB that cyber incidents are growing in frequency and sophistication and the risk of contagion across borders and sectors due to the growing interconnectedness of the financial system is likewise increasing.  It also noted that the FSB’s focus on increasing the sharing of timely and accurate information is well placed to create a system that is effective for incident response, recovery and promoting financial stability. 

World Council expressed concerns, however, that the solutions often called for expensive and extensive regulatory requirements that are not tailored to the size, risk, and complexity of credit unions, noting that credit unions rarely operate on a cross-border basis, are small in size as compared to large banks, and therefore pose little risk of contagion or “spill-over” effects on other countries.  World Council suggested that reporting be limited to simple, but actionable reporting and reporting that could be accomplished through established regulatory reporting without the need to create new bureaucracies.

The FSB is conducting this review at the request of the G20 and the ever increasing concern from regulators about the risk posed by cyber incidents.

A copy of the letter can be viewed here.