The Financial Supervisory Authority (FIN-FSA) has assessed pandemic preparedness among its supervised entities. In a survey1 carried out in March, the FIN-FSA assessed, among other things, whether the continuity plans and internal guidelines are up to date and how the pandemic threat has been taken into account in them.
Based on the responses, the continuity plans and internal guidelines are reasonably well up-to-date. The supervised entities have initiated measures in accordance with their continuity plans, including widely switching to teleworking, and relocating staff performing critical tasks to teams located in different offices. Some supervised entities highlighted the increased cyber threats in the current exceptional conditions and the importance of preparing for them.
Enhanced FIN-FSA monitoring of preparedness during emergency conditions
The FIN-FSA requires that supervised entities continue to update their continuity plans as the situation progresses and to ensure, in particular, the continuity of their functions critical to the functioning of society. Supervised entities must also ensure the continuity of the activities of service providers necessary for the continuity of their own activities, including those providing IT-services.
The FIN-FSA also requires that supervised entities take into account the increasing cyber threats caused by the current circumstances and the potentially increasing number of frauds. In addition to ensuring capacity for teleworking, it is also vital to ensure its security. In this context, security refers not only to the security of remote access, but also to the safe handling of confidential information in teleworking. In this exceptional situation, various malware attacks, fraud attempts and other misuse attempts are likely to increase. Supervised entities must assess the increased risk involved, implement risk management measures and provide appropriate guidance to their employees.
Customers should be informed about fraud attempts
The exceptional circumstances have also increased the number of fraud attempts against customers. Supervised entities must actively inform their clients of the frauds circulating in different channels, where scammers try, for example, to obtain usernames, passwords and payment card numbers, and must advise them how to avoid such frauds.
For further information, please contact
Markku Koponen, Head of Division, tel. +358 9 183 5389, or email markku.koponen(at)fiva.fi
- Centre for Occupational Safety: Safe teleworking – instructions for employers and employees (in Finnish)
- National Cyber Security Centre: Tips for safe teleworking (in Finnish)
- Financial Supervisory Authority: Coronavirus has mobilised fraudsters – watch out for phishing attempts
1The survey was sent to banks, employment pension insurance companies and life and non-life insurance companies. The survey also assessed the preparedness of Nasdaq Helsinki Ltd and EuroClear Finland Ltd.
The corresponding Finnish-language supervision release was published on 20 March 2020.