DNB considers information security and the associated cyber risks to be one of the key strategic risks in financial institutions. Currently Many institutions and security providers warn of an increased cyberthreat to Western vital organisations. Dutch financial institutions also rate their cyberthreats as increased, and are attentive to developments. See also our newsitem: Increased cyberthreat due to the situation in Ukraine: DNB calls on financial institutions to remain alert.
These threats lay emphasis on the cyber-resilience of financial institutions. In our Information security monitor (December 2021) we present our latest observations on information security and cyber risks, based on supervisory examinations and information obtained from financial institutions. The observations in this Information Security Monitor are based on the examinations conducted in 2020-2021 and sector-wide requests for information primarily sent to pension funds and insurers. These sources have been supplemented with signals and incident reports from institutions and information exchanged with other supervisory authorities and partnerships. Where relevant, these information sources have also been incorporated in this Information Security Monitor.
The following three key observations are relevant for executive board members and internal supervisors (such as members of supervisory boards):
The information security risk management cycle is not sufficiently effective
Management of information security in the entire outsourcing chain remains crucial
Resilience to cyberattacks must be strengthened
In addition to these key observations we see the need to improve knowledge of information security at an executive board level. Constructive input and critical questions from executive board members and internal supervisors help the institution to make appropriate strategic and tactical choices. We also believe further cooperation between all parties in the financial sector is essential in order to increase the resilience of institutions and the entire outsourcing chain.
These observations have been set out in further detail in the Information Security Monitor.
The equity portfolios of Dutch pension funds and insurers have become significantly “greener” over the 2017-2020 period. This is mainly because investee companies have emitted less carbon over that period, according to an analysis by De Nederlandsche Bank (DNB).
Just as in October 2022, DNB keeps the the countercyclical capital buffer (CCyB) unchanged at 1%. Accordingly, banks with loans outstanding in the Netherlands must comply with this requirement by 25 May 2023. We closely monitor the risk picture and stand ready to adjust the buffer requirement if
Dutch non-bank financial services providers provided €401 billion in financing in 2021, 14% less than in 2020. This left the sector as large as one-sixth of the Dutch banking system, accounting for 1% of global non-bank financing.