Mitigation of cyber risks in the field of electronic payments: Organizational and legal measures

The issues of ensuring the electronic payments’ security are currently in the limelight of participants in the monetary system and the scientific expert community. The goal of this paper is to develop organizational and legal measures aimed at improving the security of electronic payments in the Russian Federation. Research methods include the analysis of retrospective data describing the development of the payment system and electronic payments using bank cards, as well as the method of statistical observations and analysis of secondary data from surveys of Russian and foreign companies covering the information security. Through solving the research problems, the author managed to draw a number of conclusions: ∎ Dynamic development of the electronic payment system causes the growth of cybercrime and cyber risks in payment systems; ∎ Despite quite active actions of state bodies and the Bank of Russia, the legal framework and infrastructure for electronic payments are still in the development stage; ∎ Cyber attacks cause significant damage not only to financial institutions, but also to companies from a non-financial sector, as well as to ordinary citizens using electronic payment systems. In the opinion of the author, the key organizational and legal measures aimed at mitigating cyber risks in electronic payments may be measures to form the centralized payment infrastructure of the Bank of Russia, introduce the corporate cyber threat management systems, improve policies and procedures for the protection of personal data at the corporate level, as well as train the employees in the field of information security of electronic settlements. © 2018, ASERS Publishing House. All rights reserved.