Financial firm outsourcing increases risk of cyber-attacks: IIAC
The head of the Investment Industry Association of Canada (IIAC) says the risk of cyber-attacks is being amplified by the significant outsourcing done by investment dealers and asset managers.
Ian Russell told attendees at an Empire Club of Canada luncheon on Thursday in Toronto that firms’ financial integrity and cyber-security may not be matched by third-party vendors hired to reduce costs, compensate for scale and increase efficiency.
To remedy this, he says, regulators within Canada need to co-operate and co-ordinate across the financial sector, involving insurance, banking and securities firms.
Russell says a positive example of such co-operation is the information-sharing memorandum recently forged between the Financial Consumer Agency of Canada — the independent government agency that enforces consumer protection legislation — and the Investment Regulatory Organization of Canada, a national self-regulating organization for investment dealers that sell stocks, bonds and other securities to consumers.
This formal co-operation between the two groups sets a framework for compliance and enforcement of rules, and suggests a more active rule-making and requirement regime at the Financial Consumer Agency of Canada, Russell says.
Such rule-making will in turn require greater interaction between bank and securities regulators, he adds.
Russell also says the newly established Financial Services Regulatory Authority in Ontario will develop detailed regulations for the insurance industry and other financial institutions operating in the province.