Skip to main content

The proliferation of outside fintech companies supplying financial institutions with cloud computing and other data services is a potential weak link in the cyberdefences protecting Canada’s financial system, a top Bank of Canada official said.

The problem is that a lot of the work done by these third-party companies is “outside the purview of system regulators,” Bank of Canada chief operating officer Filipe Dinis warned Wednesday at a Payments Canada conference in Toronto.

The interconnections between regulated financial institutions and outside players may pose a risk to the financial system as a result of cyber threats, Mr. Dinis said.

Story continues below advertisement

“Individual firms in the financial system know their own business but don’t always understand all their connections with others,” Mr. Dinis pointed out. “This can lead to decision making that ignores threats to the system.

Canadian financial institutions process $175-billion in cash payments and half-a-billion dollars in stock and bond trades every day. Mr. Dinis said these massive flows have become a favoured target of online criminals.

Individual institutions generally have strong defences to prevent theft and privacy breaches, he said.

“Our concern is not with individual firms but with the interconnections among them,” Mr. Dinis explained.

“It is no longer enough for each institution to maintain its own alarm system. While doing so provides a certain level of protection and comfort, we need to invest in system-wide defences.”

The Bank of Canada, which regulates the payment system, has been working with the country’s Big Six banks in recent months to bolster the system’s ability to recover from a major cyber intrusion. Mr. Dinis said the goal is to have a “rapid, collaborative approach” to getting the system up and running again in the event of a prolonged outage caused by a security breach.

In a speech last December, Bank of Canada Governor Stephen Poloz acknowledged that he’s kept “awake at night” by the thought that a cyber attack could knock out the payments system.

Story continues below advertisement

“A problem in one institution may spread to others and be amplified,” Mr. Poloz said. “As such, a successful cyber attack on one institution can become a successful attack on many.”

Report an error Editorial code of conduct
Comments

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff. Non-subscribers can read and sort comments but will not be able to engage with them in any way. Click here to subscribe.

If you would like to write a letter to the editor, please forward it to letters@globeandmail.com. Readers can also interact with The Globe on Facebook and Twitter .

Welcome to The Globe and Mail’s comment community. This is a space where subscribers can engage with each other and Globe staff.

We aim to create a safe and valuable space for discussion and debate. That means:

  • All comments will be reviewed by one or more moderators before being posted to the site. This should only take a few moments.
  • Treat others as you wish to be treated
  • Criticize ideas, not people
  • Stay on topic
  • Avoid the use of toxic and offensive language
  • Flag bad behaviour

Comments that violate our community guidelines will be removed. Commenters who repeatedly violate community guidelines may be suspended, causing them to temporarily lose their ability to engage with comments.

Read our community guidelines here

Discussion loading ...

Due to technical reasons, we have temporarily removed commenting from our articles. We hope to have this fixed soon. Thank you for your patience. If you are looking to give feedback on our new site, please send it along to feedback@globeandmail.com. If you want to write a letter to the editor, please forward to letters@globeandmail.com.
Cannabis pro newsletter