SBP Restructures Banking Supervision and Launches New Cyber Risk Department

In a strategic move to enhance its regulatory oversight and strengthen its response to emerging risks in the financial sector, the State Bank of Pakistan (SBP) has restructured its Banking Supervision Department. The central bank has consolidated its three existing departments into two new units: Banking Supervision Department-1 (BSD-1) and Banking Supervision Department-2 (BSD-2). This restructuring is intended to improve the efficiency of supervisory processes and ensure more focused oversight of the financial institutions under SBP’s purview.

Along with the reorganization, SBP has introduced a newly formed department, the Cyber Risk Management Department (CRMD), which will be positioned under the Banking Supervision Group. The CRMD will be tasked with supervising the cybersecurity risks faced by regulated entities in Pakistan’s banking sector. This department’s role will be crucial in ensuring that banks and other financial institutions are adequately equipped to tackle the growing cyber threats and safeguard sensitive financial data.

The decision to create the CRMD comes at a time when cyber threats in the financial sector are escalating, with increasing instances of cyberattacks targeting financial institutions globally. Recognizing the need to stay ahead of these threats, SBP aims to bring a more focused and specialized approach to managing cyber risks within the financial sector. The department will be responsible for both on-site and off-site supervision, ensuring continuous monitoring of cybersecurity practices and providing guidance to regulated entities on best practices to mitigate digital risks.

The restructuring will also see the central bank allocate specific regulated entities to the newly formed Banking Supervision Departments. A detailed list of these entities has already been provided, ensuring that the transition to the new structure is smooth and that each department can focus on its designated areas with greater precision.

The Directors of the new departments have already assumed their responsibilities, ensuring that there is no disruption in the regulatory processes. With this new structure in place, SBP aims to foster a more effective supervisory framework that can swiftly adapt to the changing needs of the financial sector.

As Pakistan’s financial system becomes increasingly digital, the introduction of the Cyber Risk Management Department is a timely and critical step toward addressing cybersecurity concerns. The banking sector’s vulnerability to cyberattacks has been a growing concern in recent years, and SBP’s proactive approach signals its commitment to safeguarding the integrity of the country’s financial infrastructure.

SBP’s restructuring and the creation of the CRMD are part of its broader efforts to modernize its regulatory framework and respond to emerging challenges in the financial ecosystem. The move will also enhance the central bank’s capacity to address the evolving nature of risks that financial institutions face, ensuring that the country’s banking sector remains resilient and secure in the face of new threats.

The financial community in Pakistan will be closely watching how these changes unfold in the coming months, particularly the impact of the Cyber Risk Management Department on enhancing the security posture of the banking sector. This development also serves as a reminder of the growing importance of cybersecurity in the digital age, as both financial institutions and regulators work together to protect the financial system from increasingly sophisticated cyber threats.