There should be a more robust framework of cyber security regulations for the financial services industry, it has been claimed.

Intelligent Environments argued that as the payments sector complied with the Payment Card Industry Security Standard (PCI DSS), it was “ridiculous” a similar process did not exist for financial institutions.

A survey conducted by the software firm found that 28 per cent of Britons did not trust the security of their bank’s digital systems. The firm is now calling on the Financial Conduct Authority (FCA) to establish mandatory cyber security checks for banks.

Earlier this year, the Bank of England created the CBEST testing framework for banks as a holistic assessment of their cyber defences – but the process is not obligatory.

Clayton Locke, chief technology officer at Intelligent Environments, said that previous cyber attacks in the financial services sector highlighted the scale of the threat.

“Many customers feel their banks aren’t secure enough,” he explained. “This lack of consumer confidence in itself represents a major threat to the financial industry. By creating a tougher industry-wide standard for financial services security, banks and financial services providers can improve services, increase customer security and reclaim consumer confidence in their products.

“While the CBEST testing framework is a strong step forward, the fact these assessments are still voluntary highlights an inherent weakness,” Locke continued. “It would be much more effective to make these assessments compulsory as is the case for PCI DSS. It’s ridiculous card providers are required to adhere to a standard while banks are not.”

Share Story: