Vietnam banks urged to step up third-party risk management
The Hanoitimes - Most Vietnamese banks are still struggling to comply with the banking authority’s regulations related to digital transformation, particularly those concerning the management of third-party risks.
Digital transformation has given rise to increased outsourcing of operations and services by banks to third-party vendors, leading to growing information security threats. Experts, therefore, urged local banks to step up third-party risk management.
Cost savings are not the only reason why third-party services are on the rise in banking. Beyond that, third-party vendors give banks access to specialist capabilities and technologies that they might not yet be able to build or maintain in-house, said PwC’s experts at a workshop themed “Managing third-party risks under Circular 18” for members of the Vietnam Banks Association (VNBA).
Despite the evident benefits of using third-party providers, the associated risks are not to be ignored. A few years ago, hundreds of customers’ bank statements were stolen from a bank in Singapore, following unauthorised access into a server containing such information on an off-site printing facility. And earlier this year, a data and analytics firm catering to some of the biggest financial institutions in the US failed to secure millions of private financial documents after a major data breach.
|Pho Duc Giang, Cyber Security and Privacy director at PwC Vietnam Cyber Security Services Company.|
On August 21, 2018, the State Bank of Vietnam, the country's central bank, issued Circular No. 18/2018/TT-NHNH to govern the assurance of information systems safety and security in banking operations. However, most local banks are still struggling to comply with the requirements related to digital transformation in the circular, particularly those concerning the management of third-party risks.
“The convenience of tech-enabled financial services has led to an ever-larger and more complex ecosystem of banks, fintechs and related service providers. The adoption of international standards and good practice helps the banks to improve the effectiveness of risk management, including third party risks,” said Nguyen Phi Lan, Partner and Risk Assurance leader at PwC Vietnam.
Sharing experience from Malaysia and the region, Yu Loong Goh, IT Risk Assurance director at PwC Vietnam, said that most high-performing banks in the region are focusing on two main tasks in third-party risk management. First, assessing the current state of their cyber security risk management programme and second, third-party attestation reporting. These provide the basis for banks to come up with measures to address gaps and protect their organisation and clients.
Pho Duc Giang, Cyber Security and Privacy director at PwC Vietnam Cyber Security Services Company added, “third-party attestation can bring many potential benefits, such as improved trust with stakeholders, increased confidence in your own operations, reduced costs and moving towards a sustainable financial services ecosystem.”
- Foreign investors unable to get Vietnamese stocks despite value at lowest level: Bloomberg
- Vietnam c.bank cuts rate on banks’ reserve requirements first time since 2005
- Total assets of banks in Vietnam increase 9% to nearly US$520 billion
- Vietnam remains among top 10 remittance recipients in 2019
- Efficient resource utilization may help Vietnam GDP grow 9 – 10%
- Legal overhaul urged for foreign firms to list shares in Vietnam
- Vietnam records US$3.81-billion fiscal surplus in 11 months
No technology can radically clean Hanoi's polluted river if sewage not treated: Mayor
Vietnam, US sign agreement on customs cooperation
Hanoi wants to learn Sweden’s development experiences
Vietnam, Germany endorse action plan for 2020-2021, rule-based order highlighted
Vietnam to launch national public services portal on December 9
Hanoi ensures water supply for its residents
Hanoi considers banning cyclos to reduce traffic congestion
Vietnam to champion ‘cohesive’ ASEAN in 2020 amid more assertive China
Every craft village in Hanoi to receive US$8,600 for environmental impact assessment