Governance Regulation, Lastest Topics, Popular News, Regulatory Updates
SFC urges licensed firms to guard against emerging AI-enabled cyber threats
04
Jun
Jun
On 2nd June 2026,The Securities and Futures Commission (SFC) issued a circular urging licensed firms to strengthen their cybersecurity frameworks against sophisticated threats driven by frontier artificial intelligence (AI) models. This regulatory intervention comes amidst a sharp escalation in cyber risk, highlighted by a 27% increase from 12,536 cases in 2024 to 15,877 cases in 2025 in local cyberattacks.Consequently, the SFC warns that rapid advancements in AI have drastically lowered the barriers to entry for malicious actors, enabling high-frequency, targeted, and large-scale operational disruptions.
Specifically, these advanced AI tools allow cybercriminals to accelerate vulnerability exploitation and orchestrate complex deepfake impersonations, phishing schemes, and social engineering attacks. In response, the SFC emphasizes that internet brokers and virtual asset trading platforms must immediately implement robust security patches, continuous detection monitoring, and rigorous incident recovery protocols to safeguard confidential client data and assets.
Overall, the SFC underscores that senior management bears the primary responsibility for ensuring institutional cyber resilience. Moving forward, the regulator intends to actively supervise compliance by organizing industry webinars and conducting thematic reviews to evaluate firms’ preparedness against these accelerating, AI-driven risks.
Source:https://apps.sfc.hk/edistributionWeb/gateway/EN/news-and-announcements/news/doc?refNo=26PR77
Related Circular:https://apps.sfc.hk/edistributionWeb/api/circular/openFile?lang=EN&refNo=26EC32
Appendix:https://apps.sfc.hk/edistributionWeb/api/circular/openAppendix?lang=EN&refNo=26EC32&appendix=0