19 October 2021

“People think that cyber security is just limited to protecting our software, our network against theft, against damage, misuse or abuse. But I think they are missing one important component—there is no successful cyber security program without legal protection likewise.” This is what DivinaLaw Managing Partner Atty. Nilo T. Divina shared in the recently concluded online discussion on “The Future of Banking & Financial Services is Asian: Web 3.0, Cybersecurity and Future Trends in Banking.”

Organized by Digital Pilipinas, in collaboration with LexisNexis Risk Solutions, World Fintech Festival, and the Monetary Authority of Singapore—the event was attended by representatives from the banking and financial services sector and featured speakers from Bangko Sentral ng Pilipinas and some of the biggest banks in the country.

As part of the panel discussion on The Evolving Face of Risk: From Mitigation to a Lever for Hyper-growth,” Atty. Divina further remarked: ‘’All of those documents related to cyber security have to be reviewed thoroughly by lawyers. Not often discussed, is it possible to put a cap or a limit to the liability of banks or other institutions in case of a data breach? Is it okay, for example, to set conditions for liability before a bank or institution can be held liable? Like setting a period to notify the bank of the breach, documents submitted in case of a breach. So, this is a gray area. In transportation, it is allowed to have limits of liability. I am thinking along the same line of thinking, may be deducted to limit the liability of banks in case of breach of data or in case of information theft, in case of lax or inadequate cyber security program adopted by these institutions. You know, deposits lost in cyber-attacks are not insured with the PDIC. Should we therefore amend our law to likewise protect our depositors in case of damage resulting from lax or inadequate infrastructure relating to cyber security? While we encourage innovation of course, we have to make sure that our consumers are protected. We have to strike a happy compromise, a balance between innovation and protecting the interests of our customers.”

Aside from Atty. Divina, the panel discussion also featured Mr. Melchor Plabasan, director of BSP’s Technology Risk and Innovation Supervision Department, Ms. Lotte Schou Zibell, regional director of Asian Development Bank, and Mr. David Haynes, vice president of LexisNexis Risk Solutions. The panel was moderated by Mr. Malik Khan Kotadia, co-founder and Global Board chairman of Global Impact FinTech (GIFT) Forum.