UK Banks not reporting all cyber-attacks

27 October 2016

A large number of cases have never been revealed

Many cyber-attacks on large UK banks go un-reported out of fear of bad publicity, according a recent report.

According to Reuters, reported attacks on financial institutions in Britain have risen from just five in 2014 to 75 so far this year. However, banks and cyber-security experts say many more attacks are taking place.

Unlike many other countries, the UK does not have mandatory breach requirements. Banks are not obliged to reveal every instance as cyber-attacks fall under Britain’s financial Conduct Authority (FCA) provision for companies to report any event that could have a material impact. In the U.S forced disclosure makes reporting more consistent.

Reuters quote Ryan Rubin, U.K managing director of consultants Protiviti, who says: “This is a gray area…Banks are in general fulfilling their legal obligations, but there is also a moral requirement to warn customers of potential losses and to share information with the industry.”

According to the report, failure to disclose more serious cyber incidents, even when unsuccessful, deprives regulators of information that could help prevent further attacks.

Read more:




Contact us for more information

<< Back to Latest News items