Moroccan Central Bank Alerts Financial Sector to Rising Cybersecurity Threats

First of all, the banking supervision department of Bank Al Maghrib sent a letter to Moroccan banks in March 2020, warning against a "potential fraud on transfers via the online banking application for individuals of a bank in the country, via interceptions of SMS containing temporary passwords".

Bank Al Maghrib notes that the growing digitization of financial services requires banks to comply with the legal and regulatory framework governing information system security, reports La Vie Éco. This includes the law on cybersecurity and the one governing the protection of personal data. The central bank also advises the banks of the kingdom to resort to insurance to cover the risks and allow customers to be systematically reimbursed in the event of a cyber attack or fraudulent operation.

As coordinator of the banking sector in terms of information system security, Bank Al-Maghrib stresses that only the courts are empowered to define the scope of the bank’s liability and the reimbursement of affected customers in the event of cyber attacks. This work is based on the rules set by the provisions of the commercial code and the code of obligations and contracts.

At the prudential level and in line with international standards, the central bank requires banks to have a cushion of own funds capable of covering all risks, including operational risks.

The financial rating agency Moody’s reported that since the start of the pandemic, the number of cyber attacks against financial institutions has more than doubled between February and April 2020 (+238%).