Basel Committee agrees to publish report on information and communication technology risk management, progresses cryptoasset targeted review, considers targeted updates on liquidity risk principles

The Basel Committee on Banking Supervision has agreed to publish a report on information and communication technology risk management practices, which will provide insights into how banks manage ICT-related operational risks. This move comes as the Committee continues to monitor developments in non-bank financial intermediation, including private credit, and highlights the importance of enhanced supervisory scrutiny and cross-border information-sharing to mitigate potential risks.

The Committee is also progressing its review of the prudential standard for banks' cryptoasset exposures and considering targeted updates to its principles on liquidity risk. This follows a range of regulatory, supervisory, and structural developments that may warrant a review of whether existing frameworks remain fit for purpose. The Basel Committee's work on these issues reflects its ongoing commitment to strengthening the regulation, supervision, and practices of banks worldwide with the aim of enhancing financial stability.

The Committee's discussions also underscore the growing importance of digitalisation in banking and the need for effective risk management practices to mitigate potential operational risks. With the publication of the ICT report set to provide valuable insights into best practices, the Basel Committee is well-positioned to support its members in navigating the evolving landscape of financial services.

Why it matters

The increasing reliance on information and communication technology (ICT) in banking operations poses significant risks to financial stability. As banks' operational resilience to ICT incidents becomes increasingly important, the need for effective risk management practices has never been more pressing. The Basel Committee's decision to publish a range of practices report on ICT risk management is a crucial step towards enhancing supervisory scrutiny and promoting best practices across jurisdictions.

The review of targeted elements of its prudential standard for banks' cryptoasset exposures also underscores the evolving nature of financial risks in the digital age. As the global banking system remains resilient, potential second- and third-order effects from factors such as inflationary pressures and supply chain disruptions could test this resilience. The Committee's consideration of targeted updates to its principles on liquidity risk management reflects the need for ongoing review and refinement of regulatory frameworks.

The Basel Committee's work on ICT risk management, cryptoasset exposures, and liquidity risk highlights the importance of adapting regulatory frameworks to address emerging risks in a rapidly changing financial landscape. As banks continue to navigate these challenges, enhanced supervisory scrutiny, cross-border information-sharing, and effective risk management practices will be essential for maintaining financial stability.

Key points

  • The Basel Committee has agreed to publish a report on information and communication technology (ICT) risk management practices across jurisdictions, highlighting the importance of addressing non-malicious ICT incidents in operational resilience.
  • A targeted review of banks' cryptoasset exposures is progressing, with an update expected later this year; the Committee previously expedited this review due to the evolving nature of cryptoassets.
  • The Basel Committee is considering targeted updates to its Principles for Sound Liquidity Risk Management and Supervision, given recent regulatory and supervisory developments that may warrant a review of their fit-for-purpose status.
  • Enhanced supervisory scrutiny and cross-border information-sharing are being emphasized in light of non-bank financial intermediation, including private credit, which poses indirect exposures and interconnections to banks.
  • The Committee will continue to monitor the implications of artificial intelligence (AI) models on cyber security, with a focus on identifying vulnerabilities and strengthening defences against potential malicious use.
  • A workplan has been approved to pursue further analytical work on the financial impacts of extreme weather events on banks, including how they assess and manage physical risks from such events.

Institutional context

Institutional context The Basel Committee on Banking Supervision, a key global standard setter for banking regulation and supervision, met in May 2023 to discuss various initiatives aimed at enhancing financial stability and promoting sound risk management practices. The Committee is composed of representatives from the world's leading central banks, with Tiff Macklem, Governor of the Bank of Canada, currently chairing the committee. Its mandate is to strengthen banking regulation, supervision, and practices worldwide, with a focus on achieving operational resilience and mitigating financial risks.

The Basel Committee operates through a collaborative framework, relying on its member countries' commitments to achieve its objectives. The Committee reports to the Group of Central Bank Governors and Heads of Supervision, which provides endorsement for major decisions. This structure allows the Committee to maintain flexibility while ensuring that its recommendations are grounded in international cooperation and consensus-building. As such, the Basel Committee's work is closely intertwined with other global financial institutions, including the Financial Stability Board and the International Monetary Fund.

The Committee's membership comprises representatives from over 200 countries, reflecting its broad reach and influence in shaping banking regulation and supervision worldwide. Its decisions have no formal supranational authority, but rather rely on the commitment of its member countries to implement its recommendations. This framework enables the Basel Committee to balance consistency with flexibility, ensuring that its guidance is both effective and responsive to evolving global economic conditions.

Practical considerations

Practical considerations for practitioners Banks and financial institutions should review their ICT risk management practices in light of the upcoming publication of a report on observed best practices, which will provide guidance on addressing non-malicious ICT incidents.

The Basel Committee's consideration of updates to its Principles for Sound Liquidity Risk Management and Supervision may also prompt financial institutions to assess their liquidity risk management frameworks. As the principles were published in 2008, recent regulatory, supervisory, and structural developments may warrant a review of whether they remain fit for purpose.

Financial institutions should also be prepared for potential updates to the prudential standard for banks' cryptoasset exposures, which are expected later this year. The Basel Committee has expedited a targeted review of its current framework in response to growing concerns about cryptoassets and their potential risks to financial stability.

Source: BIS Press Releases