UK Government Proposes New Cybersecurity Laws

Richard Marley
January 24, 2022
2 minutes read
1742

The UK government proposed new laws for cybersecurity last week to increase security standards in outsourced IT services.

“New laws are required in order to increase security standards in outsourced IT services,” says the UK government. Moreover, the issued proposals include guidance for organisations on how to report cybersecurity incidents.

The proposed laws aim to cope with the pace as technology advances and increases flexibility. Furthermore, the UK Cyber Security Council has been advised to create a standard for qualifications and certifications required from people working in cybersecurity. This will help them prove their efficacy to protect businesses in the digital space.

Following the cyberattacks on SolarWind and Microsoft Exchange Servers, these plans were issued in order to overcome the vulnerabilities in vendor services. Only 12% of the organisations actually review the cybersecurity risks immediate suppliers pose on the company, says the report by the Department for Digital, Culture, Media and Sport. On the contrary, only 5% of companies address the loopholes in the wider supply chain.

New cyber attack laws proposed by UK Govt https://t.co/gBwNk0DKAV #fintech

— Finextra (@Finextra) January 21, 2022

Minister of State for media, data, and digital, Julia Lopez said, “The plans we are announcing today will help protect essential services and our wider economy from cyber threats. Every UK organisation must take their cyber resilience seriously as we strive to grow, innovate and protect people online. It is not an optional extra.”

The proposal rolled out by the UK government states that:

Expand the scope of NIS Regulations that are typically provided by organisations that manage IT services.
Large companies must provide better cyber incident reporting to law making bodies along with a requirement to notify regulators about the cyber attacks the organisation suffers.

NCSC Technical Director Dr Ian Levy, said: “I welcome these proposed updates to the NIS regulations, which will help to enhance the UK’s overall cyber security resilience. These measures will ensure that cyber security risks are properly managed by organisations and those on whom they rely.”

Disclaimer: No warranty is herein provided that the information contained in this document is accurate, up-to-date, and/or complete. In no circumstance(s), does such information constitute legal or any other advice. Any person who intends to use, rely, pass-on, or re-publish the information contained herein in any way is solely responsible for the same. We suggest to verify the information and/or obtain expert advice independently if required.

Latest News

News
IMF Urges Central Bank of Seychelles to Upgrade Transparency and AML Controls
The Central Bank of Seychelles (CBS) has been advised by the International Monetary Fund (IMF) to have transparent practices and AML controls.

The International Monetary Fund (IMF) has urged CBS, the Central Bank of Seychelles, to incorporate refined practices in different accountability and governance areas. These include confidentiality, supervisory & confidentiality policies along with internal AML/CFT protocols.

According to the statement by IMF, CBS is giving information regarding legal structure, mandate, and a few key elements related to anti-corruption arrangements, risk and human resource management, and accountability on its website.

The review of IMF stated, “To better support the public’s perception of the CBS as a well-governed institution, it should consider highlighting these aspects in its annual report, and/or provide additional information on its website, particularly on human capital management, anti-corruption policies and decision-making arrangements.”

As per IMF’s review, CBS needs to work on several elements, including information’s accessibility to its internal governance arrangements. It could be done by maintaining the Annual Report’s respective sections and website. Moreover, it must overhaul the proceedings by publishing its Code of Conduct and Ethics.

“The legal mechanism for confidentiality issues has been established, but the dissemination and disclosure of the confidentiality framework could be enhanced. The CBS discloses basic information on its AML/CFT supervisory powers and policies, as well as on its related internal control framework, but disclosures on the processes and outcomes of its AML/CFT external policies and internal controls are limited,” said CBS Transparency Code Review of IMF.

IMF review said that the ensurance of transparency practices with new functions and powers by CBS would be effective for its own benefit. The practices adopted by CBS must comply with the powers acquired by the coming legislative act.

IMF’s CBS Transparency Code Review said, “In the last few years, the CBS’s regulatory powers have been substantially expanded with the adoption of AML/CFT Act and Financial Consumer Protection Act. Moreover, the forthcoming Financial Stability Act is expected to provide a transparent legal basis for the CBS’s (and other financial sector regulators) actions on financial stability. These legislative acts will require an expansion of the CBS’s transparency practices so that the related CBS activities continue to be appropriately disclosed to stakeholders.”

The review aims to identify the strength and improvement areas of CBS by allowing it to evaluate its transparency practices. The review presents the map of CBS’s transparency choices in comparison to several practices in three different categories (core, comprehensive, and expanded).

Suggested Read: FCA Advises Firms to Embed Data and Technology to Combat Financial Crimes

Recent Posts

Blog
Improving Identity Verification Processes Through Perpetual KYC - How Shufti Pro Helps the Banking Sector
Banks are considered a subset of the financial services industry and play the most crucial role in global economies. Banks mobilize the deposits from households and spread them across the countries, making the funds available for investments. Due to the high influx of money into this sector, criminals have started exploiting the loopholes resulting in several crimes, particularly identity theft, money laundering, and terrorist financing. It is quite crucial for all financial institutions particularly banks to implement a robust system of customer verification to counter prevailing scams.

In US alone, illicit bank transfers or payment fraud resulted in financial losses amounting to $756 million in 2021. Although the whole banking sector has implemented stringent measures to curb financial scams, they are still common, and the overall rate is increasing every year. It has become mandatory for banking organizations to evolve the contemporary Know Your Verification (KYC) measures and implement them in an advanced way to counter the sophisticated techniques of criminals. Perpetual KYC, commonly known as P-KYC, is one of the effective solutions that has the capacity to revolutionize banks’ scrutiny systems and execute customer verification through a modern approach.

An Overview of Perpetual KYC

All financial organizations like banks, insurance companies, and crypto exchanges use a variety of KYC measures to verify the true identities of their users. It is generally performed in order to understand who the business is interacting with. The majority of digital businesses generally verify their client and customers at the start of business while keeping a record of their personal details like name, ID number, social security, address, etc. Perpetual KYC takes this further by introducing a process that keeps on verifying customers continuously, monitors their transactions, and puts different strategies in place to report any suspicious activity.

Perpetual KYC just differs from regular KYC in the way that it keeps on regulating the users’ data and serves its purposes in a more advanced way. All the financial companies in search of better security, improved transparency, and secure customer relationships are using P-KYC. It is not only beneficial for digital businesses but also ensures the safety of users’ identities and assets. In this way, financial service providers can react to any suspicious activity quickly and take strict action to halt it.

The Need for Perpetual KYC in Banking Sector

The banking sector is thought to be the backbone of any country’s economy, and due to rising crime cases, it is in dire need of an effective and constant customer due diligence system. It is estimated that the market capitalization of the global banking sector was 7.3 trillion euros in the second quarter of 2022, which highlights the importance of perpetual KYC. The banks have billion of customers globally and due to rising cases of money laundering and terrorist financing, it has become mandatory to keep a strict check on all the transactions.

In traditional KYC checks, illegal activities of criminals can go unnoticed for years resulting in a lot of financial damage. On the other hand, perpetual KYC measures are efficient enough to track illicit activities in real time and inform the authorities about them. Implementing P-KYC measures can help the banks improve customer relationships by providing them with security from several scams including account takeovers, identity theft, and other financial losses. It will also help the banking organizations to comply with the local and global KYC regulations by countering money launderers and terrorist financiers.

Recent Crime Cases in the Banking Industry

The banking sector has always remained a prime target of financial criminals due to its exposure to huge investments and funds. Criminals use a variety of advanced techniques to carry out money laundering inflicting a myriad of damages on the overall economic system. Several cases have been witnessed in the recent past where criminals were charged with committing bank fraud.

Criminal Gang in US Charged with Bank Fraud and Money Laundering

US law enforcement authorities recently arrested a gang of 11 members who were involved in bank fraud and money laundering. All the criminals have been charged in court, and investigations have found that they were involved in payment fraud of more than $9 million, which was sent to other countries through money laundering. The scammers were using fake identities of 50 different users to commit fraud. Court has ordered to carry on the investigations and found more transactions related to the case.

Two Former Employees of Major Bank Charged with Loan Fraud

The Police arrested two former employees who were found to be involved in defrauding the major bank with millions of dollars in federal loan funds. The criminals used wire fraud techniques to obtain loans of more than $3 million from the Paycheck Protection Program (PPP) and Coronavirus aid. A judge ordered the Police to move further with the investigation and decide the penalties for the culprits.

Global Regulatory Authorities Monitoring the Banking Sector

All the global regulatory authorities, including Financial Action Task Force (FATF), European Union (EU), and Interpol, have highlighted the vulnerabilities of the banking sector to financial crimes. FATF has issued detailed guidelines for implementing effective KYC solutions to counter money launderers and scammers.

US

The Financial Crimes Enforcement Network (FinCEN) is the primary body that monitors prevailing suspicious activities in the banking sector. It is working under the guidelines of the Bank Secrecy Act (BSA) which makes it crucial for banks to keep a strict check on their customers and verify their true identities. BSA has also highlighted the need for a system that keeps continuous checks on all financial transactions and reports to law enforcement authorities in case of any violation.

UK

The Fraud Act 2006 is the primary legislation in the UK which permits all banks to verify the true identities of their users and keep a record of all details. This act also suggests punishment for criminals involved in bank fraud which could go up to 10 years of imprisonment and hefty fines. In the recent past, UK law enforcement agencies have convicted a large number of criminals under this act and put them behind bars.

Securing Banking Organizations Through Perpetual KYC

With rapid digitization, the use of digital banking has increased, posing considerable threats of identity theft and financial scams. By using fake identities, criminals onboard the system and exploit loopholes resulting in money laundering and terrorist financing. Although traditional KYC checks are quite effective against fraud, they are not efficient enough to trace all suspicious activities by scammers. Perpetual KYC is a viable option for banking organizations to keep a continuous check on all of their users while monitoring financial transactions and reporting to relevant agencies in case of any fraudulent activity. Through perpetual KYC checks, banks will not only be able to curb identity theft but will also help in securing the business-customer relationship.

What Shufti Pro Offers?

Shufti Pro offers state-of-the-art identity verification services that can help the banking sector to counter criminals and comply with global regulations as well. The perpetual KYC services offered by Shufti Pro will help the banks strictly check all customers’ activities and monitor their transactions in real time. Powered by thousands of AI algorithms, it is efficient enough to generate output in less than a second with 98.67% accuracy.

Want to know more about Perpetual KYC services for the banking sector?

Talk to us

UK Government Proposes New Cybersecurity Laws

An Overview of Perpetual KYC

The Need for Perpetual KYC in Banking Sector

Recent Crime Cases in the Banking Industry

Criminal Gang in US Charged with Bank Fraud and Money Laundering

Two Former Employees of Major Bank Charged with Loan Fraud

Global Regulatory Authorities Monitoring the Banking Sector

US

UK

Securing Banking Organizations Through Perpetual KYC

What Shufti Pro Offers?

Let’s prove your

customer’s identity

with Shuftipro.

Let’s prove your customer’s

identity with Shuftipro.