The head of JP Morgan’s asset and wealth management division has complained that the US bank is facing a rising number of cyber-attacks despite employing an army of technologists.

Speaking at the World Economic Forum in Davos, Mary Erdoes told delegates that the bank spends about US$15 billion on technology annually and employs 62,000 technologists, many of whom are employed solely in cyber security.

“We have more engineers than Google or Amazon. Why? Because we have to,” said Erdoes. “The fraudsters get smarter, savvier, quicker, more devious and more mischievous.”

One reason given for this trend is the ongoing war in Ukraine and the sanctions imposed against Russia.

Asset managers and asset servicers have also become more of a target for hackers given that between them, they hold important information on the holdings and investments of individuals, companies and public sector bodies or agencies. 

Erdoes’s comments coincide with the release of the first set of draft technical standards for the EU’s Digital Operational Resilience Act.

The Act, designed to harmonise risk management frameworks for financial services firms’ ICT services, will come into force in January 2025. However, the publication of the standards has caused some disquiet from industry groups worried about the implementation timetable.

James Kemp, managing director of the Association for Financial Markets in Europe (AFME), said: “There is now only a year until the application of DORA, intended to harmonise risk management frameworks for ICT services.

“This latest set of technical standards will regretfully exacerbate the challenge facing banks and financial entities in taking forward those preparations.

“In particular, AFME is concerned that without a proportionate and phased approach to enforcement, the obligations on supplier contracts will cause major disruption,” said Kemp.

©2024 fundsTech