Date: 2022-12-02

HKMA provides additional guidance on protection against DDoS attacks

The HKMA has issued a circular to authorised institutions (AIs) to provide additional guidance on protection against distributed denial-of-service (DDoS) attacks. As stated in the HKMA's Supervisory Policy Manual (SPM) guidance:

AIs should implement adequate controls to promptly detect and respond to the threats posed by DDoS attacks that could impact the delivery of e-banking services (module TM-E-1 “Risk Management of E-banking”);

AIs should put in place proper controls to safeguard their networks and systems against disruption (module TM-G-1 “General Principles for Technology Risk Management”).

In view of the increased incidence and sophistication of DDoS attacks, the HKMA considers it appropriate to provide more guidance in this area. The additional guidance was developed with reference to the findings of a recent round of thematic reviews assessing the effectiveness of the anti-DDoS protective measures maintained by AIs. AIs are expected to take this guidance into account in their regular assessments of the effectiveness of their anti-DDoS protection, which cover four key areas:

Regular risk assessment and vulnerability management, including protective measures provided by third parties (regular assessment should be undertaken by the first line of defence, with the second line of defence providing additional opinion);

Proper design of the architecture of anti-DDoS controls in respect of both customer-facing channels and components that support the AI's operations (a multi-layered defence should be deployed to achieve optimal protection);

Effective governance over service providers to evaluate their cyber defence capability and robust contingency arrangements for potential disruption to their services (excessive reliance on a single service provider should be avoided);

Proper incident response procedures (incorporating lessons learned from significant DDoS incidents) and regular rehearsal exercises (including both table-top drills and technical drills with involvement of anti-DDoS service providers). [25 Nov 2022] #Cybersecurity

HKMA and Cyberport co-organise third AMLab as part of “Fintech 2025” strategy

As part of its “Fintech 2025” strategy, the HKMA has co-organised its third AML Regtech Lab (AMLab) with Cyberport (supported by Deloitte). The third AMLab builds on the first AMLab (see our previous update) and relates to the adoption of network analytics to combat fraud risk and reduce losses from scams that use mule account networks. It follows the second AMLab on the use of “enabling technologies” held in July 2022 (see our previous update). The third AMLab shared good practices and provided a platform for banks as well as data and technology experts to collaborate, using synthetic data to demonstrate the testing of network diagrams and thereby help fast-track implementation at lower cost. It was followed by Regtech Connect (an initiative introduced in July 2022), in which Cyberport technology companies demonstrated relevant regtech tools and services. The HKMA will continue to engage with banks in 2023, including by hosting more AMLabs with Cyberport and publishing research and thematic review results. In the face of rising levels of online fraud and financial crime, the HKMA has transformed the way it works with banks to shape the direction of innovation in AML work, including the adoption of network analytics. About 60% of retail banks are now deploying network analytics, more than twice the proportion of three years ago. In the first nine months of 2022, retail banks increased their identification and reporting of suspicious accounts and networks by 127% compared with a year earlier, leading to a 166% increase in the amount of criminal proceeds restrained or confiscated by law enforcement agencies. [24 Nov 2022] #FinTech