Press enquiries:
+41 61 280 8477
[email protected]
Ref: 22/2025

  • Peer review finds Dutch authorities have been long committed to enhancing the financial sector’s cyber resilience and developed several leading practices.
  • Dutch authorities and government agencies demonstrate high levels of cooperation and information sharing with each other and with the industry.
  • The FSB recommends that Dutch authorities regularly review information sharing mechanisms, promote expanded cyber resilience testing and establish a national analysis of third-party risks.

The Financial Stability Board (FSB) today published its second Peer Review of the Netherlands, examining the country’s efforts to enhance cyber resilience in the financial sector and mitigate financial stability risks arising from operational incidents and cyber-attacks.

The Netherlands has made significant progress in enhancing cyber resilience within its financial sector, reflecting its strong commitment over many years. It has developed several market leading practices such as the Threat Intelligence-Based Ethical Red-teaming (TIBER) and Advanced Red Teaming (ART) frameworks. Industry actively contributes to the comprehensive gathering and sharing of threat intelligence, and a national-level crisis-management structure brings together financial authorities to ensure coordination and collaboration during major operational disruptions. 

Despite the maturity of the Netherlands’ cyber resilience practices, the interconnectedness of the financial system and the continued evolution of cyber threats calls for a continued focus and further enhancements. The FSB recommends that:

“Cyber incidents can pose systemic risks, disrupting critical financial services and eroding market confidence,” said Jane Magill, Chair of the Netherlands peer review. “Detailed examination of a jurisdiction’s approach provides benefits to all jurisdictions that are constantly looking to enhance their response to this risk.”

Notes to editors

Recognising the potential systemic risks posed by cyber incidents and the reliance on third-party providers, in 2023 the FSB published a Toolkit for enhancing third-party risk management and oversight, as well as recommendations to support harmonised incident reporting and information sharing among authorities. To build a practical understanding of implementation of these recommendations and other regulatory efforts to enhance cyber resilience, the FSB has conducted peer reviews of the Netherlands (published today) and Spain and their efforts to enhance the cyber resilience of their financial systems.’

FSB member jurisdictions have committed to undergo periodic peer reviews to evaluate their adherence to international financial standards. To fulfil this responsibility, the FSB has established a regular programme of country and thematic peer reviews of its member jurisdictions. As part of this commitment, the Netherlands volunteered to undergo a peer review in 2025. A schedule of country peer reviews, as well as all completed peer review reports, are available on the FSB website.

The FSB coordinates at the international level the work of national financial authorities and international standard-setting bodies and develops and promotes the implementation of effective regulatory, supervisory, and other financial sector policies in the interest of financial stability. It brings together national authorities responsible for financial stability in 24 countries and jurisdictions, international financial institutions, sector-specific international groupings of regulators and supervisors, and committees of central bank experts. The FSB also conducts outreach with approximately 70 other jurisdictions through its six Regional Consultative Groups.

The FSB is chaired by Andrew Bailey, Governor of the Bank of England. The FSB Secretariat is located in Basel, Switzerland and hosted by the Bank for International Settlements.