Cyber Risk in Central Banking (BIS)
The rising number of cyber attacks in the financial sector poses a threat to financial stability and makes cyber risk a key concern for policy makers. This paper presents the results of a survey among members of the Global Cyber Resilience Group on cyber risk and its challenges for central banks. The survey reveals that central banks have notably increased their cyber security-related investments since 2020, giving technical security control and resiliency priority. Central banks see phishing and social engineering as the most common methods of attack, and the potential losses from a systemically relevant cyber attack are deemed to be large, especially if the target is a big tech providing critical cloud infrastructures. Generally, respondents judge the preparedness of the financial sector for cyber attacks to be inadequate. While central banks in most emerging market economies provide a framework for the collection of information on cyber attacks on financial institutions, less than half of those in advanced economies do. Cooperation among public authorities, especially in the international context, could improve central banks’ ability to respond to cyber attacks.
Directive in respect of Cybersecurity and Cyber-resilience within the National Payment System
In terms of section 10(1)(c) of the South African Reserve Bank Act 90 of 1989, as amended (SARB Act), the South African Reserve Bank (SARB) is required to perform such functions, implement such rules and procedures, and, in general, take such steps as may be necessary to establish, conduct, monitor, regulate and supervise payment, clearing and settlement systems.
Furthermore, the NPS Act provides for the management, administration, operation, regulation and supervision of payment, clearing and settlement systems in the Republic of South Africa, and for connected matters. The power to perform the functions as provided in the SARB Act and the NPS Act is performed by the National Payment System Department (NPSD) within the SARB. The SARB plays an important role in ensuring the safety, efficiency and resiliency of the national payment system (NPS).
Indlulamithi South Africa Scenarios 2035
The Indlulamithi South Africa Scenarios 2035 explores three plausible futures for South Africa between 2024 and 2035, built from 26 high‑impact, high‑uncertainty variables and a refined social cohesion barometer. “Hadeda Home” imagines a fragile, compromise-driven democracy with sluggish reform; “Vulture Culture” depicts a populist, authoritarian, economically stagnant and crime‑ridden narco‑state; and “Weaver Work” portrays a cooperative nation with effective coalitions, green and inclusive growth, institutional renewal and social mobilisation. The scenarios aim to inform long‑term, evidence‑based planning and galvanise collective action across sectors.
From Guidance to Action: Exploring Practical Enterprise Risk Management
COSO’s “From Guidance to Action: Exploring Practical Enterprise Risk Management” (2026) focuses on making ERM decision‑useful rather than compliance‑driven. It argues that strategy and risk are inseparable and that ERM should influence real choices, not just generate registers, heat maps and RCSAs. The paper introduces ten ERM operating disciplines, including linking strategy and risk, treating value creation as a required outcome, making risk appetite usable, managing risk as a portfolio, prioritising decisions over documentation, measuring value not activity, and embedding ERM into business rhythms. It emphasises lightweight, decision‑led practices: clear trade‑offs, ranges, triggers and ownership at key decision points. Through personas, case examples and a practitioner “translation guide”, it shows how organisations can apply the COSO ERM Framework under real constraints to provide clearer choices, earlier pivots, fewer surprises and stronger board confidence.
- 1
- 2