Cybersecurity and geopolitical risks in financial markets

Understanding the layers of damage caused by cyber-attacks informs policy and regulatory decisions. Meanwhile, certain jurisdictions may bear disproportionately higher costs due to weaker cybersecurity infrastructures, less-developed regulatory frameworks, or higher exposure to cross-border transactions.

Regulators may mandate minimum cybersecurity standards, require rapid incident reporting, or incentivise institutions to invest in backup systems and advanced intrusion detection tools. Governments can support cybersecurity training, encourage information sharing, and support the adoption of quantum-resistant cryptography, thereby reducing systemic risks over time (IMF, 2024[11]; Kong, Janssen and Bharosa, 2024[68]). Comparative studies by the IMF, BIS, and regional bodies like the ASEAN Secretariat and ADB underscore that shoring up cyber defences and contingency plans can meaningfully reduce damage. For instance, regions with more robust cybersecurity policies report lower average costs per incident and faster recovery times.

These measures, coupled with robust international co‑operation and harmonised standards, can help ensure that the costs of cyber incidents remain manageable and that financial markets continue to function effectively, even as the threat landscape evolves, following the details:

Strengthening global co‑operation is vital. Shared service‑provider disruptions strengthen the case for cross-border co‑ordination on operational resilience and third-party risk management, given their potential to generate common shocks (Kotidis and Schreft, 2025[6]). Harmonising regulations, creating common terminologies for incident reporting, and establishing trusted cyber intelligence networks can speed up response times and limit contagion. International organisations, including the OECD, IMF, and FSB can foster dialogue, co‑ordinate regulatory efforts, and support peer learning programmes (OECD, 2022[1]; FSB, 2023[55]; IMF, 2024[11]). Possible policy options could include developing evaluation mechanisms1 to assess cyber resilience, and, where appropriate, developing regional data centres to collect and share information on cyber incidents and policy responses.

Effective co‑ordination between regulators, financial institutions, cybersecurity vendors, and research organisations is essential. Public-private partnerships can streamline the adoption of standards, invest in cybersecurity upskilling, and incentivise best practices. Where appropriate, shared analytical hubs or regional platforms for harmonised cyber-incident data could support research and preparedness, provided governance arrangements clearly define access, confidentiality protections, and legal safeguards. By actively involving industry experts and academia in policy formulation, regulators can remain responsive to rapid technological changes (OECD, 2022[1]).

As financial institutions become increasingly reliant on complex, cross-border ICT supply chains and external service providers, vulnerabilities originating outside institutional perimeters may have systemic implications for both the financial sector and the real economy. Future work could therefore focus on developing more granular assessments of these interdependencies, alongside scenario-based modelling of feasible cyber shocks, including those propagated through critical third-party providers. In parallel, comparative analysis of supervisory practices and governance frameworks for managing cyber and third-party risks, particularly in the context of AI-driven threat capabilities, could help identify effective approaches to strengthening resilience. Such efforts would provide policymakers with a more robust evidence base to better assess systemic vulnerabilities, enhance oversight of external dependencies, and calibrate policy responses in an increasingly interconnected and technologically complex financial ecosystem.

Regular stress tests, red-teaming exercises and cyber incident simulations help authorities identify vulnerabilities and measure preparedness. Establishing a data centre to create indexes, such as a “Cyber Resilience Index”, would allow policymakers to track progress, compare performance across jurisdictions and tailor interventions more effectively (ECB, 2018[45]; BIS, 2016[69]; World Economic Forum, 2022[70]). Where feasible, a Cyber Resilience Index that jointly tracks cyber disruptions in banks and critical supply chain firms (including SMEs) can provide an early-warning signal for spillovers into tighter financing conditions and broader market stress.