Banking Industry Forum on Cybersecurity and Operational Resilience

The Banking Industry Forum on Cybersecurity and Operational Resilience (Fórum com a Indústria para a Cibersegurança e Resiliência Operacional – FICRO) is an advisory structure of the Banco de Portugal which brings together representatives of the banking sector, the critical payment service provider and the Portuguese cybersecurity authority. 

Its mission is to contribute to strengthening the operational resilience of the Portuguese financial system by coordinating efforts and sharing best practices in this field.  

In particular, the Forum aims to:

• raise awareness among the members of the management and supervisory bodies of participating institutions of the importance of acting in the prevention of operational and cybersecurity events, thus minimising potential negative impacts and the level of exposure to these risks;
• promote the understanding of legal requirements in cybersecurity and notification of cybersecurity incidents;
• enhance cooperation between the Banco de Portugal and the supervised institutions by fostering dialogue and interchange of information on cybersecurity between participants;
• discuss different approaches to prevent cybersecurity incidents, including by implementing cybersecurity testing methodologies; 
• develop and coordinate the implementation of initiatives to manage these risks in Portugal, particularly the TIBER-EU;
• identify the main difficulties encountered by institutions in developing and implementing new cybersecurity measures.

Composition

The Forum is composed of:

• one member the Board of Directors of the Banco de Portugal, acting as chair;
• members of the senior management and relevant teams of the Prudential Supervision Department, the Payment Systems Department and the Information Systems and Technology Department of the Banco de Portugal;
• members of the management bodies responsible for information systems, security, digitalisation and/or supervisory functions of institutions appointed as operators of essential services in the banking sector under Law No 46/2018; 
• one representative of the Portuguese Banking Association (Associação Portuguesa de Bancos – APB);
• one representative of the National Cybersecurity Centre (Centro Nacional de Cibersegurança – CNCS);
• one representative of the critical payment service provider (SIBS FPS).