Table of Contents


In February 2016, a few months after Carnegie began its work on this project, a cyber attack shook the finance world.1 Hackers had targeted SWIFT, the global financial system’s main information network, trying to steal 1 billion U.S. dollars, nearly 0.50 percent of Bangladesh’s GDP,2 from the Bangladeshi central bank over the course of a weekend.3 It was a wake-up call revealing that cyber threats targeting the financial sector were no longer limited to low-level theft but could now pose systemic risk.

Only a few months earlier, in 2015, the Carnegie Endowment for International Peace had launched an initiative to better protect the global financial system against cyber threats.4 Our first step was to develop a proposal for the G20 to launch a work stream dedicated to cybersecurity in the financial sector.5 In March 2017, the G20 Finance Ministers and Central Bank Governors outlined an initial road map to increase the cyber resilience of the international financial system. In the wake of the Bangladesh incident, Carnegie expanded its work, complementing the G20 project with the development of an action-oriented, technically detailed cyber resilience capacity-building tool box for financial institutions. Launched in 2019 in partnership with the IMF, SWIFT, FS-ISAC, Standard Chartered, the Global Cyber Alliance, and the Cyber Readiness Institute, this tool box is now available in seven languages.6 And we are continuing to track the evolution of the cyber threat landscape and incidents involving financial institutions through a collaboration with BAE Systems.7

To raise more awareness among senior officials of the growing threat, Carnegie also hosted a series of roundtables at the Munich Security Conference, including a cyber war game, dedicated to cybersecurity and the financial system. We co-hosted a high-level roundtable with the IMF for central bank governors and launched a workshop series at Wilton Park to strengthen the relationships among financial authorities, industry, and law enforcement as well as national security agencies.

In July 2019, an international group—convened by Carnegie—of leading experts in governments, central banks, industry, and the technical community decided that there would be value in developing a longer-term international cybersecurity strategy for the financial system.

This report is the result of that project and offers a vision for how the international community could better protect the financial system against cyber threats. The recommendations are designed to inform the deliberations among the G20, the G7, relevant standard-setting bodies as well as the Annual Meeting of the World Economic Forum and the Munich Security Conference.

Written by Carnegie experts, this document includes feedback obtained through consultations with more than 200 stakeholders in government, the financial regulatory community, industry, and academia. An international advisory group, formed in fall 2019, provided strategic advice throughout the project. In February 2020, following Carnegie’s presentation of this project at the Forum’s annual meeting in Davos the previous month, the World Economic Forum became an official partner.

In collaboration with:

World Economic Forum


1 Michael Corkery and Matthew Goldstein, “North Korea Said to Be Target of Inquiry Over $81 Million Cyberheist,” New York Times, March 22, 2017, DealBook,

2 “GDP (current US$)—Bangladesh,” World Bank,

3 Niaz Alam, “The Great Bangladesh Cyber Heist Shows Truth Is Stranger Than Fiction,” Dhaka Tribune, March 12, 2016,

4 FinCyber Project, “Cybersecurity and the Financial System,” Carnegie Endowment for International Peace,

5 FinCyber Project, “Protecting Financial Stability: G20 Proposal,” Carnegie Endowment for International Peace,

6 FinCyber Project, “Cyber Resilience and Financial Organizations: A Capacity-building Tool Box,” Carnegie Endowment for International Peace,

7 FinCyber Project, “Timeline of Cyber Incidents Involving Financial Institutions,” Carnegie Endowment for International Peace,