The financial sector (FS) is one of the most innovative and technologically advanced sectors. At the same time, it is one of the most vulnerable and exposed to cyber attack. Therefore, the FS sector needs to implement strong cyber security controls. Financial sector ISO (FC-IS) is an international standard for the management of the risks from cyber attacks in the financial sector. It is one of the six standards under FS. This article lists some of the key aspects related to FC-IS in Lithuania.

What is Financial Compliance?

Financial compliance refers to the obligation to adhere to rules and regulations established by the state, financial institutions, and regulators. In the context of business, it is often related to the requirement to follow certain regulations and laws to ensure the safety and sound operation of the business. Compliance with state and federal laws and regulations is essential to maintain an organization’s license to operate in a specific jurisdiction.

What is Financial Crime Risk?

Financial crime risk is the possibility that the financial services are misused for purposes other than intended by the users. Although the concept of financial crime risk is not a new one, it is receiving renewed attention due to the rapid development of digital technologies, the evolution of cybercrime, and the increased awareness of the importance of cyber security.

FCIS in Lithuania

Lithuania is currently working on the implementation plan for FCIS. The Lithuanian Ministry of Finance and the National Commission for the Financial and Insurance Services, in cooperation with the Lithuanian Financial sector Standards Development Organization and the National Commission for Information Systems, are responsible for the implementation of FC-IS.

Upon the adoption of FC-IS in Lithuania, all financial establishments will be required to have a cyber security management system in line with the standard. The cyber security management system will be required for all financial establishments to demonstrate their compliance with the standard. Cyber security management systems will be used to create a security audit trail, which can be used to trace cyber attacks and identify the parties responsible for them.