Oman banks, financial firms mandated to strengthen cyber-security
CBO and CMA prepare to authorise transactions involving the use of crypto-currencies and other virtual assets for the first time
Published: 04:09 PM,Sep 22,2023 | EDITED : 08:09 PM,Sep 22,2023
Banking and financial institutions licensed to operate in the Sultanate of Oman are now mandated to secure their operations, as well as critical assets, against cyber threats.
Under a new regulatory framework issued recently by the Central Bank of Oman (CBO), banks and financial institutions must meet a “set of minimum requirements” to build the resilience necessary to address and manage cyber-security risks.
Falling within the ambit of the new regulatory framework for cyber-security and resilience are banks, financing and leasing companies, payment service providers and money exchange companies, the Central Bank stated in a post.
The regulatory framework calls for security precautions to be structured under six key pillars, dubbed ‘Control Domains’: Governance, Compliance & Audit, Technology & Operations, Third Party Supply Chain Management, Online Financial Services, and Risk Management.
In its most recent Financial Stability Report 2023, the apex bank had warned that Oman’s financial sector, while having been spared any damaging cyber-attacks in recent years, still continues to be a potential target of cyber-criminals. Risk levels, it cautioned, are significant particularly as the country embraces fintech and electronic payment systems in support of its digital transformation.
The need for heightened cyber vigilance, the Central Bank noted in its report, comes against the backdrop of a staggering 46 per cent spike in cyber-attacks targeting financial institutions globally in 2022 (versus figures for 2021). The upsurge in attacks, it pointed out, underscores the worldwide banking and financial industry’s dominant appeal as a target for international cyber gangs, given the potential for huge rewards if the attacks are successful.
“This renewed surge in cyber-attacks, especially targeting financial institutions, could negatively impact customer trust in digital financial services and the financial sector as a whole,” the Central Bank said in its report. “Oman has also not experienced any significant disruptions from cyber risks in recent times. However, like any other jurisdiction, the Omani financial sector is vulnerable to such risks. Therefore, cyber-security remains a top strategic priority for CBO,” it stressed.
Vulnerability to cyber fraud and other criminal activity is also a significant concern as Omani regulatory authorities, notably the Central Bank of Oman and the Capital Market Authority (CMA), prepare to authorise transactions involving the use of crypto-currencies and other virtual assets for the first time. A framework regulating virtual assets and service providers is currently under formulation.
The Central Bank itself is weighing the roll-out of new digital products, notably Central Bank Digital Currencies (CBDCs). A task force has been commissioned to study the introduction of CBDCs, while separate groups are focused on other digital innovations.
Under a new regulatory framework issued recently by the Central Bank of Oman (CBO), banks and financial institutions must meet a “set of minimum requirements” to build the resilience necessary to address and manage cyber-security risks.
Falling within the ambit of the new regulatory framework for cyber-security and resilience are banks, financing and leasing companies, payment service providers and money exchange companies, the Central Bank stated in a post.
The regulatory framework calls for security precautions to be structured under six key pillars, dubbed ‘Control Domains’: Governance, Compliance & Audit, Technology & Operations, Third Party Supply Chain Management, Online Financial Services, and Risk Management.
In its most recent Financial Stability Report 2023, the apex bank had warned that Oman’s financial sector, while having been spared any damaging cyber-attacks in recent years, still continues to be a potential target of cyber-criminals. Risk levels, it cautioned, are significant particularly as the country embraces fintech and electronic payment systems in support of its digital transformation.
The need for heightened cyber vigilance, the Central Bank noted in its report, comes against the backdrop of a staggering 46 per cent spike in cyber-attacks targeting financial institutions globally in 2022 (versus figures for 2021). The upsurge in attacks, it pointed out, underscores the worldwide banking and financial industry’s dominant appeal as a target for international cyber gangs, given the potential for huge rewards if the attacks are successful.
“This renewed surge in cyber-attacks, especially targeting financial institutions, could negatively impact customer trust in digital financial services and the financial sector as a whole,” the Central Bank said in its report. “Oman has also not experienced any significant disruptions from cyber risks in recent times. However, like any other jurisdiction, the Omani financial sector is vulnerable to such risks. Therefore, cyber-security remains a top strategic priority for CBO,” it stressed.
Vulnerability to cyber fraud and other criminal activity is also a significant concern as Omani regulatory authorities, notably the Central Bank of Oman and the Capital Market Authority (CMA), prepare to authorise transactions involving the use of crypto-currencies and other virtual assets for the first time. A framework regulating virtual assets and service providers is currently under formulation.
The Central Bank itself is weighing the roll-out of new digital products, notably Central Bank Digital Currencies (CBDCs). A task force has been commissioned to study the introduction of CBDCs, while separate groups are focused on other digital innovations.