Cyber incidents (attacks) have increased in recent years and have become a risk that keeps Central Bank Supervision Director Aiton Aquino dos Santos up at night, as he himself said this Wednesday (12th) during the presentation of the Financial Stability Report (REF) for the first half of this year.
He said BC and Pix’s architecture is “perfectly functional” and “resilient,” but there are concerns about monitoring services provided through third-party services and application programming interfaces (APIs). “(Cyber incidents) will also result in losses for some institutions in some cases,” Aquino warned.
Cyber incidents will rise from 24 in 2023 to 59 in 2024, according to research published this morning. The director said as of the last update in October 2025, B.C. had already recorded 68 incidents of this type this year.
Aquino said the investigation shows that while some financial institutions show weaknesses related to key controls in service delivery, criminal groups have “sophisticated knowledge” of the operation of the national financial system.
Regarding this year’s high-profile cases, President Aquino said, “Obviously, the recent cases at C&M and Sinquia are more powerful and more important.” He also commented, “We learned from the C&M event. From the Sinqia event, for reference, the recovery level was 90%.”
The BC director also emphasized that this concern is not unique to BC. “Third-party services are relevant not only to the Brazilian banking supervisory authority, but also to those in the United States, France and Germany. This topic is on the agenda of our international discussion forum.”
Aquino said B.C. has taken several steps to reduce cyber risks in its financial system and is working to strengthen its oversight and oversight team.
About The Author
