Treasury Management Internation Logo

Payments Industry Comes Together to Tackle Growing Cyber Threat Problem

Published 

Payments 20 (P20) has collaborated with some of the largest payment firms and law enforcement organisations to develop a standard approach which will help firms defend themselves against the growing, global cyber threat.

The advocacy group, alongside organisations including American Express, Elavon, Hogan Lovells, J.P. Morgan Chase, the UK National Cyber Security Centre and New York State Department of Financial Services, has created a new report entitled ‘20 Best Practice Recommendations for Improved Cyber Security Protection’.

Aimed at non-cyber professionals, the report emphasises the urgency of implementing more efficient and comprehensive cyber security frameworks in response to the increasing capabilities of cyber criminals, scammers and other nefarious actors since the onset of the COVID-19 pandemic.

The uncertainty and disruption caused by the COVID-19 pandemic has presented cyber criminals with a wealth of opportunities to attack. Since March 2020 cyber crime has rocketed with 74% of banks experiencing a rise in cyber attacks and three out of four financial institutions worrying about the historic rise in criminal activity and what will happen going forward.

The cyber security problem now represents a serious systemic threat to the global financial system, a sentiment echoed by Chairman of the Federal Reserve Jerome Powell, who in April 2021 said he worried that a cyber attack may result in the next great financial crisis. This highlights the need to a collective global, standardised approach towards counteracting the threat.

The best practice actions cover five areas: 

  • Network security 
  • Data handling 
  • Employee awareness 
  • Actions before a cyber attack occurs 
  • Actions immediately after a cyber attack occurs 

Duncan Sandys, Chief Executive Officer at P20, said: “As businesses across the globe embraced remote working and shifted operations online, the state sponsored and professional criminal gangs exploited the weaknesses of security apparatus and the fears of individuals. At P20, we believe everyone has a part to play in protecting their organisation and its reputation against this threat. This is why we joined forces with leading financial institutions, cyber security experts and government officials to compile standardised, easy to implement actions for non cyber experts which will go a long way in strengthening their organisations’ defences and protecting their customers.”

Michael Papay, EVP, Technology Risk & Information Security at American Express, said: “The greatest vulnerabilities in the payments network are those hidden third-parties or fourth-party suppliers that nobody has identified as a risk. A lot of the big companies involved in payments networks understand the challenges — they understand information security; they know how to approach these problems and how to tackle them.  It’s the smaller companies that are providing some critical service that we haven’t fully solved for yet.”

JF Legault, Managing Director, Global Head of Cyber Security Operations at J.P. Morgan Chase, said: “You can have the strongest controls in the world, the best cyber security program but one thing that organisations continuously need to work on is improving their crisis management processes.”

Paul Maddinson, Director for National Resilience & Strategy at the UK National Cyber Security Centre (NCSC), said: “There are several things that we recommend for small organisations to get those basics right. One is about backing up data and making sure you’re doing that properly. The second is using passwords appropriately. The third is keeping your devices updated and making sure that the software is patched. The fourth is putting some protections in place against malware and then trying to avoid phishing attacks through email and how your staff respond.”

The publication of the report comes ahead of P20’s annual Global Payment Conference, taking place on 28-29 September 2021 where cyber security will be a key talking point. The conference will bring together hundreds of industry leaders, politicians, government officials, regulators, thought leaders and others to highlight trends, debate industry priorities and shape the future. Keynote speakers include Andrew Bailey, Governor of Bank of England, Patricia Scotland, Secretary General of The Commonwealth, Christopher Woolard CBE, ex-Interim CEO, UK Financial Conduct Authority, Michael D’Ambrosio, ex-Assistant Director, US Secret Service and former US Ambassador to the United Nations, Andrew Young.

Read the full report here.

Most recent episodes

HSBC’s Sibos Spotlight: Embedding ESG in Trade and Supply Chains

In the second podcast from HSBC’s Sibos Spotlight series, TMI’s Eleanor Hill speaks to Surath Sengupta (HSBC) about embedding ESG into trade and supply chains....

20:58

Lost in Transaction: Overcoming Payments Pitfalls

From simple errors to duplicates, fraud and sanctions violations, there are a number of areas where payments can go wrong – especially in the real-time environment. In this podcast, TMI speaks to Andrew Ferrao...

34:25

HSBC's Sibos Spotlight: Central Bank Digital Currencies

The first edition of HSBC’s Sibos Spotlight series sees TMI’s Eleanor Hill joined by Mark Williamson and James Pomeroy (HSBC) to discuss the hot topic of Central Bank Digital Currencies (CBDCs). Our guests discuss...

25:48

Payments Vision 2025: The Inside Track

Wim Grosemans, Steven Lenaerts (BNP Paribas) and Wim Raymaekers (SWIFT) join TMI’s Eleanor Hill to outline their vision for the payments landscape in 2025. Our guests consider how recent developments such as instant...

28:21

Stepping Out from the Shadows

“Treasurers needs to step out of the shadows and into the sunshine in terms of their strategic contribution.” claims Zitah McMillan, Co-Founder and CEO, Predictive Black. In this podcast, hosted by TMI’s Eleanor Hill, our guest declares that the...

16:54

Why the ‘One Size Fits All’ Approach is Outdated - A Cash Segmentation Treasury Masterclass

With the ongoing low interest-rate environment and increasing regulatory change, it’s more important than ever for treasurers...

23:55

Instant Payments: Instant Rewards

TMI’s Eleanor Hill sits down in the virtual TreasuryCast studio with J.P. Morgan’s Global Head of Real-Time Payments, Cyrus Bhathawalla, to discuss how treasurers can capitalise on the evolving nature of real-time payments. Our guest contemplates the elements...

23:55

Building a Data Driven Cash Forecast (with Minimum Effort)

TMI’s Eleanor Hill is joined by Conor Deegan, CashAnalytics, and TMI Award winner François Masquelier to discuss how to make use of internal and external cash flow data sources to create reliable and accurate...

41:34

Tackling the Complexities of IBOR Transition

TMI’s Ben Poole speaks to Shaun Kennedy (Associated British Ports), Tassos Dimopoulos (Salmon Software), and Svenja Schumacher (Deloitte), who provide listeners with everything they need to know about the upcoming...

32:27

KYC: How to Streamline Customer Reference Data in Treasury Processes

In this podcast, Cornelia Hesse (EACT/ VDT) speaks to Noëlle Belmimoun (ArcelotMittal/ AFTE), Patrick Holemans (SWIFT), Séverine Le Blévennec (Aliaxis), Tarek Tranberg...

43:05