Seeking to achieve greater convergence in cyber incident reporting (CIR) throughout the G20 nations, the Financial Stability Board (FSB) delivered a report that listed 16 recommendations to effectuate incident response and recovery, and to promote financial stability.

The FSB, which comprises financial and regulatory authorities from 24 countries and jurisdictions, compiled the report at the request of the G20. Its work focused on cyber incident reporting in three ways, according to its press release:

● Setting out recommendations to address the issues identified as impediments to achieving greater harmonization in cyber incident reporting. Financial authorities and institutions can choose to adopt these recommendations as appropriate and relevant, consistent with their legal and regulatory framework;

● Enhancing the Cyber Lexicon to include additional terms related to cyber incident reporting, as a ‘common language’ is necessary for increased convergence; and

● Identifying common types of information that are submitted by financial institutions to authorities for cyber incident reporting purposes, which culminated in a concept for a common format for incident reporting exchange (FIRE) to collect incident information from financial institutions and use between themselves.

"The interconnectedness of the global financial system makes it possible that a cyber incident at one financial institution (or an incident at one of its third-party service providers) could have spill-over effects across borders and sectors," the FSB said in its press release "Over the last decade, however, meaningful differences have and continue to emerge in the requirements and practices associated with cyber incident reporting."