The European Central Bank (ECB) has announced plans to carry out a cyber resilience stress test on 109 directly supervised banks in 2024.

In the stress test scenario, firms will be hit by a successful cyber-attack that disrupts their daily operations.

The exercise will assess how banks respond to and recover from a cyber-attack, rather than their ability to prevent it.

Under the stress test, banks will be expected to test a number of measures, including activating emergency procedures and contingency plans and restoring normal operations.

Supervisors from the ECB will subsequently assess the extent to which banks can cope under such a scenario.

The central bank said that as part of the exercise, 28 banks will undergo an enhanced assessment for which they will submit additional information on how they coped with the cyber-attack.

It added that this sample covers different business models and geographies to provide a "meaningful reflection of the euro area banking system and ensure there is efficient coordination with other supervisory activities".

"This predominantly qualitative exercise will not have an impact on capital through the Pillar 2 guidance, which is a bank-specific capital recommendation on top of the binding requirements," said the ECB. "Rather, the insights gained will be used for the wider supervisory assessment in 2024."

Following the test, supervisors will discuss the findings and lessons learned with each bank as part of the 2024 Supervisory Review and Evaluation Process, which assesses a bank’s individual risk profile.

The main findings of the exercise are expected to be revealed by the summer.

---