Russian banks with high cyber risks could be required to keep additional capital buffers under a regulation being prepared by the Russian central bank and expected to be published by July 2018, Kommersant reported Feb. 16.
Mikhail Bukhtin, head of the central bank's banking regulation department, told the newspaper that the central bank will assess banks on an annual basis using a five-point scale, and those with high cyber risks will be required to hold additional capital buffers of between 1% and 3%.
Lenders unable to hold the required buffer will be subject to restrictions such as dividend bans. For lenders undergoing financial recovery procedures, the central bank plans to introduce individual risk management and capital strategies,
Bank risk managers in general support the initiative of the central bank, but market analysts noted that not all banks would be able to keep such a buffer and that a prospective dividend ban would reduce the already low attractiveness of the banking sector to potential investors, the newspaper said.
Meanwhile, Reuters cited a Russian central bank report on digital thefts in the local banking sector as saying unnamed hackers stole 339.5 million rubles in an attack on the SWIFT international payments messaging system in Russia, which took place in 2017.
A central bank spokesman told the newswire that the hackers had taken control of a computer at a Russian bank and used the SWIFT system to transfer the funds to their own accounts. The spokesman did not name the lender in question, but cited the central bank's security department deputy head, Artem Sychev, as saying it was "a common scheme."
SWIFT says its own systems have never been compromised by hacker attacks. The company has not disclosed information regarding hacker attacks on the users of its system, but details of some digital thefts have become public, including the 2016 attack on Bangladesh Bank, as well as the 2017 attacks on Far Eastern International Bank Ltd. and NIC Asia Bank Ltd., Reuters said.
Media outlets also reported that in December 2017 hackers tried to use the SWIFT system to steal 55 million rubles from Russia-based Globex Commercial Bank JSC.
As of Feb. 16, US$1 was equivalent to 56.26 Russian rubles.