Banks must have high levels of IT security, says MAS

Recent cyber attacks on financial institutions around Asia have prompted the Monetary Authority of Singapore (MAS) to stress the need for high levels of IT security.

It said in a statement yesterday: "MAS expects financial institutions to implement strong controls in their IT systems as set out in the MAS Technology Risk Management Guidelines."

Such guidelines require banks to conduct regular internal tests on their systems and networks, including security vulnerability assessments.

The regulator added: "This includes maintaining a high level of security for their critical IT systems, such as Swift."

Swift refers to the Society for Worldwide Interbank Financial Telecommunication, which is used by banks and firms to move money around the world through payment orders.

Attacks on financial institutions have become more frequent of late, as hackers become increasingly sophisticated.

Philippine banks had "isolated" cases of cyber attacks resulting in small financial losses, Bloomberg reported yesterday.

This comes on the back of a US$81 million (S$110.7 million) heist from Bangladesh's central bank in February, when attackers moved money to accounts in the Philippines.

Separately, Vietnam's Tien Phong Bank had said on Sunday that it stopped a cyber fraud attempt late last year, which included fraudulent Swift messages.

Reuters reported that the attack involved a suspect transaction worth more than €1 million (S$1.5 million), said to have used the same technique of February's heist.

The bank said it has stopped using a third-party service to connect with Swift's global money transfers system.

A version of this article appeared in the print edition of The Straits Times on May 18, 2016, with the headline 'Banks must have high levels of IT security, says MAS'. Print Edition | Subscribe