You are here: Home Contents V16 N2 V16N2_Huang.html
Personal tools

Cyber Securing Cross-Border Financial Services: The Need for a Financial Cybersecurity Action Task Force



Full text

Journal of Information Systems Security
Volume 16, Number 2 (2020)
Pages 7997
ISSN 1551-0123 (Print)
ISSN 1551-0808 (Online)
Keman Huang — Sloan School of Management, Massachusetts Institute of Technology, USA
Stuart Madnick — Sloan School of Management, Massachusetts Institute of Technology, USA
Information Institute Publishing, Washington DC, USA




Cyber risk could underlie the next financial crisis. Increasing trade policies on cross-border financial services have been implemented to manage cybersecurity concerns. Simply complying with the fragmented policies can cause unintended consequences for businesses and can even result in new cyber threats. This study develops a taxonomy to understand the effect of trade policies for cyber-securing the cross-border financial services. The analysis reveals that a Financial Cybersecurity Action Task Force, where both public and private sectors are involved, is necessary to create and promote cyber norms to balance innovation and systematic cyber risk within cross-border financial systems.




Cross-border Financial Services, Cybersecurity Risk, Financial Cybersecurity Action Task Force, Trade Restrictions.




Agarwal, S. (2018). Will fintechs dominate the cross-border payments market?

Agrawal, A., Gans, J., & Goldfarb, A. (2019). AI and International Trade. In The Economics of Artificial Intelligence (pp. 463–492).

Anagnostopoulos, I. (2018). Fintech and regtech: Impact on regulators and banks. Journal of Economics and Business, 100, 7–25.

Antón, A. I., & Hemmings, J. (2019). Recognizing Vendor Risks to National Security in the CFIUS Process.

Arner, D. W., Barberis, J., & Buckley, R. P. (2017). FinTech, regTech, and the reconceptualization of financial regulation. Northwestern Journal of International Law and Business, 37(3), 373–415.

Boeke, S. (2018). National cyber crisis management: Different European approaches. Governance, 31(3), 449–464.

Boer, M. (2017). Cyber Security & Financial Stability: How cyber-attacks could materially impact the global financial system. Institute of International Finance, (September).

Coeuré, B. (2019). The new frontier of payments and market infrastructure: on cryptos, cyber and CCPs.

Committee on Payment and Settlement Systems, & International Organization of Securities Commissions. (2011). Principles for financial market infrastructures - Consultative report.

Farrell, H., & Newman, A. L. (2020). Choke Points. Harvard Business Review, (February).

Farrell, J. P. (2019). Of Flash Crashes, Hidden Actors, And Nasty Implications.

FATF. (2018a). FATF Report to G20 Finance Ministers and Central Bank Governors. Paris, France.

FATF. (2018b). The FATF Recommendation.

Financial Stability Board. (2017a). Stocktake of Publicly Released Cybersecurity Regulations, Guidance and Supervisory Practices, (October).

Financial Stability Board. (2017b). Summary Report on Financial Sector Cybersecurity Regulations, Guidance and Supervisory Practices.

Goldfarb, A., & Tucker, C. (2012). Privacy and Innovation. Innovation Policy and the Economy, 12, 65–90.

Grindal, K. (2019). Trade regimes as a tool for cyber policy. Digital Policy, Regulation and Governance, 21(1), 19–31.

Healey, J., Mosser, P., Rosen, K., & Tache, A. (2018). The Future of Financial Stability and Cyber Risk. Brookings Institution, (October), 1–18.

IMF. (2018). Future of Work: Measurement and Policy Challenges, 1–40.

Inkpen, A., Minbaeva, D., & Tsang, E. W. K. (2019). Unintentional, unavoidable, and beneficial knowledge leakage from the multinational enterprise. Journal of International Business Studies, 50, 250–260.

International Telecommunication Union. (2019). Global Cybersecurity Index 2018.

Johnson, J., & Desmond Lim, Y. C. (2003). Money laundering: has the Financial Action Task Force made a difference? Journal of Financial Crime, 10(1), 7–22.

Kaminski, M. E. (2018). The Right to Explanation, Explained. SSRN Electronic Journal, (July), 17–40.

Kho, S., & Petersen, T. (2019). Turning the tables: The United States, China, and the WTO national security exception. China Business Review, 2018(August), 5–9.

Koch, D. D. (2016). Is the HIPAA Security Rule Enough to Protect Electronic Personal Health Information (PHI) in the Cyber Age? Journal of Health Care Finance, 43(3).

Kopp, E., Kaffenberger, L., & Wilson, C. (2017). Cyber Risk, Market Failures, and Financial Stability (IMF Working Paper). Retrieved from

Lall, R. (2017). Beyond Institutional Design: Explaining the Performance of International Organizations. International Organization, 71(2), 245–280.

Lambach, D. (2019). The Territorialization of Cyberspace. International Studies Review, 1–25.

Linton, J. D., Boyson, S., & Aje, J. (2014). The challenge of cyber supply chain security to research and practice - An introduction. Technovation, 34(7), 339–341.

Madnick, S. (2019). The Ethics of AI: What Happens When Humans Can’t Agree on What is “Right?” The Wall Street Journal, 1.

Madnick, S. (2020). Blockchain isn’t as unbreakable as you think. MIT Sloan Management Review, 61(2), 65–70.

Mckenzie, B. (2018). PBOC Announced Rules for Foreign-Invested Payment Service Providers to Operate Electronic Payment Services in China.

McKinsey. (2017). Global payments 2017: Amid rapid change, an upward trajectory.

McKinsey. (2019). A vision for the future of cross-border payments.

Meltzer, J. P. (2019). Governing Digital Trade. World Trade Review, 18(S1), S23–S48.

Mourdoukoutas, P. (2019). Bitcoin and Stellar Get Another Boost From IBM.

Paganini, P. (2016). Russian Metel group manipulated ruble-dollar exchange rate with malware.

Relihan, T. (2019). These Are the Cyberthreats Lurking in Your Supply Chain. SSRN Electronic Journal, (February), 1–6.

Reuters. (2016). Spelling Mistake Prevented Hackers Taking $1bn in Bank Heist.

Robert E. Lighthizer. (2019). 2018 National Trade Estimate Report on Foreign Trade Barriers.

Scharre, P. (2019). Killer apps: The real dangers of an AI arms race. Foreign Affairs, 98(3), 135–144.

Taylor, M. (2014). Turkey Introduces New E-Payment Rules To Tackle Deficit And Terror Funding.

ThreatMetrix. (2019). 9 Key Cybercrime Trends for Financial Institutions in EMEA.

Tsakanikas, N. (2019). JP Morgan Set to Launch its Own Native Cryptocurrency for Cross-Border Payments.

US White House. (2019). Executive Order on Securing the Information and Communications Technology and Services Supply Chain. Retrieved May 15, 2019, from

Xie, S. Y., & Dummett, B. (2019). Ant Financial to Acquire U.K.’s WorldFirst. The Wall Street Journal, Feb.