PE­TER CHRISTO­PHER

Se­nior Re­porter

pe­ter.christo­pher@guardian.co.tt

De­spite sev­er­al in­stances of ma­jor cy­ber­at­tacks in T&T in re­cent years, the Cen­tral Bank is yet to im­ple­ment a ded­i­cat­ed unit for cy­ber­se­cu­ri­ty.

This was ad­mit­ted by Michelle Fran­cis Pan­tor, deputy in­spec­tor of fi­nan­cial in­sti­tu­tions who made the com­ments dur­ing the Cen­tral Bank dur­ing a Joint Se­lect Com­mit­tee (JSC) sit­ting yes­ter­day, which ex­am­ined the ex­ist­ing an­ti-fraud and cus­tomer pro­tec­tion sys­tems in the lo­cal fi­nan­cial ser­vices sec­tor.

“There is no one unit that is spe­cial­is­ing in cy­ber­se­cu­ri­ty and fraud. Just to say we are not fraud in­ves­ti­ga­tors, we take it from an op­er­a­tional risk stand­point and en­sure that the req­ui­site con­trols in­ter­nal con­trols, risk man­age­ment process­es, etc. in place,” Pan­tor said in re­sponse to a ques­tion posed by Port-of-Spain South MP Kei­th Scot­land about cur­rent mech­a­nisms to ad­dress cy­ber­se­cu­ri­ty.

She added there is a fi­nan­cial in­sti­tu­tion su­per­vi­sion de­part­ment that does on­go­ing su­per­vi­sion of fi­nan­cial in­sti­tu­tions and mon­i­tor­ing. “There’s the mar­ket con­duct func­tion which now re­sides un­der the of­fice of the fi­nan­cial ser­vices om­buds­man. In terms of cy­ber­se­cu­ri­ty su­per­vi­sion, specif­i­cal­ly, there is no unit es­tab­lished at this point in time,” Pan­tor added.

She ex­plained that the bank did recog­nise that cy­ber­se­cu­ri­ty was a top two con­cern glob­al­ly and it had been un­der­go­ing train­ing and work­ing on ad­vice from the In­ter­na­tion­al Mon­e­tary Fund (IMF) con­cern­ing its ap­proach.

“The Cen­tral Bank is aware that cy­ber­se­cu­ri­ty has been in­creas­ing with the ef­forts to­wards dig­i­tal­i­sa­tion, we know this is on­ly go­ing to in­crease it is one of the top two risks every­where in the world. cy­ber­se­cu­ri­ty, we have in this re­gard we would have com­mis­sioned tech­ni­cal as­sis­tance from the In­ter­na­tion­al Mon­e­tary Fund and that has been on­go­ing.

“We have been trained in our ex­am­in­er’s re­port was pub­lished by the IMF. It was pub­lic, it was pub­licly avail­able. One of the rec­om­men­da­tions is to shore up our re­sources with re­spect to cy­ber se­cu­ri­ty.

“This is un­der ac­tive con­sid­er­a­tion at the bank at the present time,” Pan­tor said.

She con­tin­ued, “How that will evolve, whether it’s a spe­cialised unit, whether it’s ad­di­tion­al per­sons has not been de­ter­mined at this point.”

Dur­ing the JSC, Fraud Squad Se­nior Supt Ar­let Groome al­so ad­mit­ted there were sig­nif­i­cant chal­lenges in iden­ti­fy­ing those who com­mit­ted fraud through card skim­ming.

“We do have an enor­mous amount of ABM card fraud and cred­it card fraud. How­ev­er, the dif­fi­cul­ty is be­cause it’s like a hid­den crime,” Groome said in re­sponse to Sen­a­tor Jayan­ti Lutch­me­di­al who re­count­ed be­ing de­fraud­ed of $40,000 af­ter us­ing her card at a phar­ma­cy in 2018.

The sen­a­tor while she had made a re­port and had her mon­ey re­fund­ed, both the bank and the po­lice re­vealed they could not act on her in­for­ma­tion fur­ther.

Groome ex­plained that de­spite such a re­port, of­fi­cers of­ten strug­gled to iden­ti­fy the ac­tu­al per­pe­tra­tor.

“We have no face to put to the cam­era like CCTV footage or any­thing or the in­ter­nal cam­eras...It’s just we tak­ing a bet and swip­ing a card, no­body asks for her ID or any­thing,” he said.

Groome said as a re­sult in his 15 years of pur­su­ing such cas­es there had been very few con­vic­tions. He, how­ev­er, con­firmed that since the in­tro­duc­tion of chip cards, such re­ports had re­duced sig­nif­i­cant­ly.