With the rapid development of online banking, including mobile banking, are commercial banks increasing spending on improving cyber risk management processes to a greater extent than on credit risk management?
In recent years, the importance of managing the risk of cybercrime of information systems and the potential loss of data transferred over the Internet has been growing, as well as improving systems and instruments for cyber security of information systems using modern ICT, Internet and Industry 4.0 information technologies, including, among others, Internet of Things technology. A major factor in the growing importance of information systems cybercrime risk management is the rapid development of online and mobile banking. In addition, during the SARS-CoV-2 (Covid-19) coronavirus pandemic, the development of online and mobile banking accelerated. This was due to the increase in the scale of digitization and internetization of various spheres of business entities during the pandemic. The financial sector, including the commercial banking sector, is one of those sectors in the economy where the opportunities for the application of ICT information technologies, Internet technologies, Industry 4.0/5.0 including artificial intelligence, artificial neural networks, machine learning, deep learning, Internet of things, cloud computing, Big Data Analytics, multi-criteria simulation models, digital twins, Blockchain, virtual and augmented reality, etc. are the greatest. On the other hand, this is also a sphere of advanced information systems that is particularly vulnerable to attacks from cyber criminals using various cybercriminal techniques to extort bank account access data from bank customers and/or hacking into e-banking systems. In this area, something is constantly happening. On the one hand, banks are implementing new ICT information technologies and Industry 4.0/5.0 and on the other hand, cybercriminals are also taking advantage of these new technologies. Often it even happens the other way around, i.e., first the cybercriminals create new techniques to seize customer data necessary to log in to bank accounts operating on Internet bubble systems and then the bank's hired IT specialists patch system gaps and improve security for access to bank IT systems, improve firewalls, anti-virus applications, etc. However, commercial banks operating under the formula of classic deposit-credit banking get most of their revenue from their banking activities, generate most of their profits from their lending activities, from providing loans to different types of business entities, to citizens, to other banks that act as borrowers. Procedures for granting credit, improving credit risk management, regulations shaping credit activities improved, perfected and adapted to the changing economic environment usually for many decades. In contrast, the development of online and mobile banking was realized in a much shorter period of time than the development of commercial banks' lending activities. As a result, the procedures associated with lending activities in recent years are no longer subject to the same degree of change as the development of communication procedures, techniques for accessing banking products, etc. under the development of Internet banking. In addition, due to the development of online and mobile banking, the increase in the scale of cyber-attacks on banking systems has increased the importance of improving the security of banking information systems. The aforementioned increase in scale has been faster in recent years compared to the improvement of credit business procedures. As a result, commercial banks have in recent years allocated significantly more expenditures on improving cyber-security systems and instruments for banking information systems, on improving cybersecurity risk management systems than on improving credit risk management systems. Besides, both risk management processes can increasingly be carried out in an integrated manner.
In view of the above, I address the following question to the esteemed community of scientists and researchers:
With the rapid development of online banking, including mobile banking, are commercial banks increasing spending on improving cyber risk management processes more than on credit risk management?
Are commercial banks increasing spending on improving cybersecurity risk management processes more than on credit risk management?
And what is your opinion on this topic?
What is your opinion on this issue?
Please answer,
I invite everyone to join the discussion,
Thank you very much,
Best wishes,
Dariusz Prokopowicz
The above text is entirely my own work written by me on the basis of my research.
In writing this text I did not use other sources or automatic text generation systems.
Copyright by Dariusz Prokopowicz
The allocation of resources and spending priorities may vary among banks based on factors such as their size, geographical location, regulatory environment, and recent cyber threats or credit risk trends.
However, it's worth noting that the importance of cyber risk management has been on the rise in the financial industry due to the increasing frequency and sophistication of cyber threats. Many banks are recognizing the need to invest in robust cybersecurity measures to protect sensitive customer information, maintain trust, and comply with regulatory requirements. As a result, there has been a growing emphasis on improving cyber risk management processes, including investments in technology, cybersecurity training, and incident response capabilities.
Credit risk management, on the other hand, remains a fundamental aspect of banking operations. The level of investment in credit risk management may depend on economic conditions, interest rate environments, and the perceived risk associated with the borrower base. During economic downturns or periods of uncertainty, banks may increase their focus on credit risk management to mitigate potential loan defaults.
For the most up-to-date information on spending trends in the banking industry, particularly in the context of cyber risk management versus credit risk management, it would be advisable to consult recent reports from industry analysts, financial institutions, or regulatory bodies. These reports often provide insights into emerging trends, challenges, and priorities for banks in areas such as risk management.
In my opinion The allocation and contribution of funds depends upon the reguletory framework of a country. It also depends upon the size of the commercial, private and public bank, more or less the bank mainly focuses on credit risk management and in this context of cyber risk management becomes secondary.The goverment regulation and central bank can play a crucial role towards the bank in maintaining both cyber risk management and credit risk management that keeps the both wheels together to run the better economy as well as better public administration.
In simple, the credit risk management is the one of the things which banks foucuses the most rather than cyber risk management because, credit risk management helps the banks to maintain liquidity ratio, CRR, And SLR. Better Credit risk management gives banks more freedom in decision making and various other activities.
At the same point, cyber risk management protects the customer data and all relvent information. It also helps in maintaining the trust and relationship with the customer towards the bank, but the Cyber risk management requires more investment in order to seccure the data and so it can only be posiible by maintaing better credit risk management hence it provides better liquidity, decreases the loan of default, decreases the Non Performing Assests and also helps in mitigation of uncertanity.
To summarize everything i'd say, The government and the central bank can help the banks to keep cyber risk management as a primary responsibility to maintain such a ratio to keep the data secure and give a sence of security to customers. Parallelly, Central Bank can also Implement some policies for better Cyber risk management.
The spending trends on risk management in commercial banks can vary based on multiple factors, including regulatory requirements, technological advancements, and the evolving nature of risks.
In terms of credit risk management, banks are feeling the pressure to digitize their credit processes due to various factors such as customer expectations for digitally managed services, regulatory expectations of a high-performing risk function, and the growing importance of strong data management and advanced analytics. Digitally transforming credit risk management can bring greater transparency to risk profiles, allowing banks to expand their business through more targeted risk-based pricing, faster client service without sacrificing risk levels, and more effective management of existing portfolios.
On the other hand, the risk functions in banks are expected to be fundamentally different by 2025 due to structural trends stemming from multiple sources. These include evolving regulations, changing customer expectations, emergence of new types of risks (such as cyber risk), and advancements in technology and analytics. Banks are expected to cope with these changes while reducing their operating costs substantially.
Dear Prof. Prokopowicz!
You pointed to a great problem. Hackers and cyber-criminal teams are always one or two steps ahead of defending IT - teams:
Peters, G.W., Malavasi, M., Sofronov, G. et al. Cyber loss model risk translates to premium mispricing and risk sensitivity. Geneva Pap Risk Insur Issues Pract 48, 372–433 (2023). https://doi.org/10.1057/s41288-023-00285-x Open access:
Article Cyber loss model risk translates to premium mispricing and r...
Pavel V Shevchenko, Jiwook Jang, Matteo Malavasi, Gareth W Peters, Georgy Sofronov, Stefan Trück, The nature of losses from cyber-related events: risk categories and business sectors, Journal of Cybersecurity, Volume 9, Issue 1, 2023, https://doi.org/10.1093/cybsec/tyac016, Available at: https://academic.oup.com/cybersecurity/article/9/1/tyac016/7000422?login=false
Yours sincerely, Bulcsu Szekely
- Badges
- Science topic
- Similar topics
- Physical Sciences
- Materials Science
- Materials
- Carbon Materials
- Graphite
- Graphene