According to the International Monetary Fund (IMF), banks around the world have lost $12 billion to cyberattacks over the last 20 years. This was written up by the international group in a document called “Global Financial Stability Report, April 2024.”

The multilateral body says that the financial sector is very vulnerable to cyber risk. It also says that about one-fifth of all cyber events that have happened in the last twenty years have affected the financial sector, with banks being the most common targets followed by insurers and asset managers. The loss recorded by financial institutions since 2020 stood at $2.5 billion.

“Financial firms have reported significant direct losses, totalling almost $12 billion since 2004 and $2.5 billion since 2020.

“Financial institutions in advanced economies, particularly in the United States, have been more exposed to cyber incidents than firms in emerging market and developing economies.

“JP Morgan Chase, for example, the largest US bank, recently reported experiencing 45 billion cyber events per day while spending $15 billion every year and employing 62,000 technologists, many focused on cyber-security,” IMF stated.

“A cyber incident at a financial institution or at a country’s critical infrastructure could generate macro financial stability risks through three key channels: loss of confidence, lack of substitutes for the services rendered, and interconnectedness.

“While cyber incidents thus far have not been systemic, ongoing rapid digital transformation and technological innovation (such as artificial intelligence) and heightened global geopolitical tensions exacerbate the risk,” the report added.

IMF said direct losses from cyber incidents reported by firms have thus far been generally modest but could become very large.

“Based on available data, the median reported direct loss to a firm from all cyber incidents has been about $0.4 million, and three-fourths of the reported losses are below $2.8 million.

“Although losses from malicious incidents have been more than five times as large as those from nonmalicious incidents, at around $0.5 million, the magnitude of losses in absolute terms has been generally modest as well.

“For example, most cyber extortions, such as ransomware attacks, or malicious data breaches have resulted in losses of up to $12 million.”

The 2023 Africa Financial Industry Barometer, which was made with the help of the Africa Financial Industry Summit and Deloitte, says that 97% of executives at Africa’s largest banks think cybercrime is a major danger.

The study also reveals biggest problems that African financial institutions face are problems with the economy as a whole, unstable politics and society, and safety risks.