This progress report, delivered to G20 Finance Ministers and Central Bank Governors ahead of their meetings in Fukuoka on 8-9 June, provides an update on the FSB’s work on developing effective practices for financial institutions’ response to and recovery from a cyber incident.

As part of its work programme to enhance the cyber resilience of financial institutions, the FSB is developing a toolkit of effective practices relating to a financial institution’s response to, and recovery from, a cyber incident. The toolkit also aims to help supervisors and other relevant authorities in supporting financial institutions before, during and after a cyber incident.

This project seeks to mitigate the implications of cyber incidents on financial stability, by taking into account their cross-border and cross-sectoral nature. It will also leverage the shared experience and diversity of perspectives gathered in the course of this work. The development of effective practices will incorporate a stocktake of publicly released guidance from national authorities and international bodies, a review of case studies on past cyber incidents and various engagements with external stakeholders.

As part of its outreach, the FSB will launch an online survey in July which will help to identify effective practices at financial institutions. A public consultation on the report will be launched in early 2020, with a view to finalising the toolkit of effective practices in late 2020.