The International Organization of Securities Commissions (IOSCO) published a working paper, with the World Federation of Exchanges (WFE), on cyber-crime, securities markets and systemic risk. The report explores the evolving nature of
cyber-crime in securities markets and the threat it poses to the functioning of
markets. This first report found that the majority of respondents (89%)
agreed that cyber-crime in securities markets can be considered a potentially
systemic risk. The report explores the following factors:
- the size, complexity and incentive structure;
- the potential effect on market integrity and efficiency; infiltration of
non-substitutable and/or interconnected services;
- the level of transparency and awareness;
- the level of cyber-security and cyber-resilience;
- the effectiveness of regulation.
The report found that further policy changes were required by regulators but recommends that any approaches should avoid being prescriptive in nature, must maintain flexibility to adapt to changing risks, concentrate on information sharing and not interfere
with an institution’s own tailored internal measures.