86% of financial services firms intend to increase the time and resources they spend on cybersecurity in the next year, according to new research from Duff & Phelps, the premier valuation and corporate finance advisor. The survey of nearly 200 senior financial services professionals shows that firms are preparing to implement more stringent cybersecurity measures in response to increasing regulatory scrutiny and growing pressure to protect investor information.
Duff & Phelps found that two thirds (66%) of financial services firms expect cybersecurity to be a priority for regulators this year, and 31% believe it will be the most important priority for regulators. Nearly four out of 10 firms (39%) also believe regulators intend to increase scrutiny on financial crime and KYC compliance departments, an area which is increasingly converging with cybersecurity as regulators expect firms to take a holistic view of cyber threats.
In the same survey last year, only 19% of respondents expected the regulator to increase its focus on cyber security and less than 60% said they planned to spend more resources and time on cyber strategy.
In addition, 62% of financial services professionals believe that the Securities and Exchange Commission’s proposed rules to enhance information reported by investment advisers will impact their firm. In response to high profile cyberattacks in recent years, some firms are now required to adopt written policies to protect their clients’ private information and must implement processes to protect against future cyberattacks.
With the British Government introducing a new cybersecurity strategy in November 2016 and the White House currently reviewing U.S. cybersecurity strategy, it is clear that cybersecurity will be a top priority for regulators, governments and financial institutions alike in 2017.
Jason Elmer, Managing Director, Compliance and Regulatory Consulting at Duff & Phelps, comments:
“Cybersecurity is at the top of the agenda for financial services firms today. In the wake of high profile cyberattacks, many are anticipating clearer and more punitive cybersecurity regulation to be implemented. Firms are proactively looking to strengthen cyber defences as a result, and this is an opportunity for regulators to collaborate with financial institutions to form new rules. What’s also clear is that commercial pressures from investors concerned about the security of their sensitive data will accelerate any attempt to improve cybersecurity measures. For all these reasons, 2017 is set to be a watershed year for cybersecurity regulation.”