Cyber Risk Governance: How are the UK subsidiaries and branches of non-UK headquartered banks meeting their regulatory obligations?

Read the latest report from Marsh in partnership with the Association of Foreign Banks (AFB), exploring how UK subsidiaries and branches of non-UK headquartered banks can meet their regulatory obligations relating to cybersecurity.

Hacker working with computer in dark room with digital interface around. Internet crime concept. Image with glitch effect.

Request the latest report from Marsh in partnership with the Association of Foreign Banks (AFB), which brings together findings from a series of interviews conducted in March and April 2021 with members of AFB exploring how UK subsidiaries and branches of non-UK headquartered banks can meet their regulatory obligations relating to cybersecurity. This task can be particularly challenging for subsidiaries and branches when much of the technical infrastructure and many of the operational cybersecurity risk controls are carried out overseas at group level.

The need for cybersecurity has risen dramatically in prominence over the past 10 years, and consistently appears at or near the top of business surveys of corporate risk. The issue is demanding more time of company executives and boards of directors and is subject to greater regulatory attention. And rightly so: As our economies and societies grow more and more dependent on digital technology, it is important to ensure that the risks associated with this are properly managed and mainstreamed into corporate governance.