Journal of Operational Risk

Risk.net

The spillover effect of the Bangladesh Bank cyber heist on banks’ cyber risk disclosures in Bangladesh

Mohammed Mehadi Masud Mazumder and Abdus Sobhan

  • The Bangladesh Bank cyber heist threatens the legitimacy of the banking sector of Bangladesh.
  • The banking sector of Bangladesh has significantly increased voluntarily disclosure on cyber risks after the Bangladesh Bank heist to regain their legitimacy.
  • Politically embedded banks are a bit reluctant to use cyber risk disclosure as a legitimacy seeking strategy after the Bangladesh Bank heist.
  • The increase in voluntary disclosure on cyber risks after the BB heist is also less pronounced for Islamic Shariah-based oriented banks.

Bangladesh Bank (BB), the central bank of Bangladesh, experienced a highly organized cyber heist in February 2016 that seriously impaired the legitimacy of the cyber security systems of the country’s overall banking sector. This study examines the spillover effect of that cyber heist on the cyber risk disclosures of the banking sector in Bangladesh. Building on institutional theory, we propose that in emerging markets, after a notable cyber heist experienced by the country’s central bank, the banking sector of the country tends to increase cyber risk disclosures as an institutional strategy to regain legitimacy. Analyzing the disclosures in the annual reports of 38 commercial banks from 2014 to 2018, we find that banks’ cyber risk disclosures significantly increased after the BB cyber heist.We also find that the political embeddedness of the banks and their adherence to Islamic Shariah negatively influence a bank’s tendency to use cyber risk disclosures as a legitimacy-regaining strategy after the heist. Our institutional perspective offers new insights into why the banks in an emerging country engage more in cyber risk disclosures after such an atrocious cyber attack.

Sorry, our subscription options are not loading right now

Please try again later. Get in touch with our customer services team if this issue persists.

New to Risk.net? View our subscription options

You need to sign in to use this feature. If you don’t have a Risk.net account, please register for a trial.

Sign in
You are currently on corporate access.

To use this feature you will need an individual account. If you have one already please sign in.

Sign in.

Alternatively you can request an individual account here