Page 39 - 86395_CCB - 2024 Annual Report (web)
P. 39
39
Emerging Risk Definition The Bank's Response
Cyber Threat The nature of cyber‑attacks across The Bank’s technology infrastructure is UK‑
the industry continues to change with based and has a very small external facing
the use of more sophisticated unseen footprint. The Bank’s websites are outside its
malware and other methods, as well as perimeter, greatly reducing the inherent exposure.
increased volumes. Furthermore, the Bank’s profile, suppliers, and
The Bank’s operations are inherently customer‑base does not make it an obvious target
reliant upon its technology for state‑sponsored or other hackers.
infrastructure, and the performance The Bank’s technology perimeter has been reviewed
of third‑party technology firms to without issue, and patching timescales are as
maintain cyber security defences. responsive as possible. Technology arrangements
have been reviewed against the NCSC guidance, and
no material deficiencies or areas for improvement
were identified. A Cyber Strategy and linked
programme of focused work, including obtaining a
NIST Level 3 status, has continued throughout 2024
which included strengthening Board, Executive and
colleagues understanding and ownership of Cyber
Risk and the actions they need to take.
Board and Executive cyber and information
security training has been provided in 2024 using
external providers.
Legal, The UK has an extensive regulatory The Bank has a dedicated Compliance, Prudential
Compliance environment which applies to all Risk and Legal Function along with a dedicated
& Regulatory. UK firms, particularly the financial horizon scanning process which monitors regulations
services sector. Changes in regulation to help inform Management of any changes. The
because of the implementation of Bank assesses the financial impacts of proposed
new frameworks such as Basel 3.1 changes in regulations and operating processes and
and the Small Deposit Takers regime will where appropriate update its financial statements
could have an impact on bank’s to reflect any financial risk from proposed changes.
financial ratios. The Bank also engages with the relevant trade bodies
The Bank’s regulatory bodies and other industry professionals to help ensure that
frequently review market regulations it meets its legal and regulatory requirements. Where
to ensure that the rules are enabling appropriate, Management will also contribute to
all banks are meeting customer needs. various regulatory consultations, as part of a wider
These reviews are a combination of industry response to proposed regulatory changes.
responses to both banking industry
requests as well as external legal and
Government intervention.
The Strategic Report on pages 6 to 39 was approved, by order of the Board.
Richard Bryan
Company Secretary
27 March 2025
