New Delhi: The past decade has witnessed a massive structural shift in the nature and scale of cyber risk within the global financial system, with data from the IMF’s latest working paper, titled The Rise of Cyber Events and Digital Fraud in the Financial Sector, pointing to a sustained and accelerating threat trajectory.
Between 2014 and 2023, more than 14,000 cyber events were recorded across 162 jurisdictions (a country or region that has its own laws and authorities responsible for cybersecurity and financial regulation), with the financial sector accounting for roughly 9-10% of total incidents. What is more striking than the absolute share is the pace of change: the sector’s proportion of cyber incidents nearly doubled from 6% in 2014 to 13% by 2023, underscoring a disproportionate intensification of risk relative to other industries.
In its working papers, the IMF adopted a broad definition where a cyber event refers to “the result of any single unauthorized effort, or the culmination of many such technical actions, that engineers, through use of computer technology and networks, achieve a desired primary effect on a target”. In simple terms, a cyber event occurs when someone uses computers or networks without authorization to cause a disruptive specific effect on a target.
This rise has unfolded alongside the rapid digitalisation of finance. The number of cyber attacks globally has almost doubled compared with pre-pandemic levels, reflecting both expanded digital infrastructure and a widening attack surface. The trend is not linear but exhibits a pronounced inflection after 2020, when financial-sector cyber events shifted from a fluctuating upward path to a sharp surge beginning in 2021.
The distribution of attacks reveals both concentration and systemic exposure. Banking institutions alone account for approximately 46% of financial-sector incidents, followed by securities and commodities markets at 33%, and insurance at 16%. These figures point to the vulnerability of core intermediation and market infrastructure layers rather than peripheral financial services.
Equally revealing is the nature of attacks. Around 66% of financial-sector cyber events are exploitative rather than disruptive, targeting data extraction rather than operational paralysis. Application servers alone account for roughly half of exploitative attacks, indicating a systematic targeting of digital transaction backbones and customer data repositories.
Geographically, the pattern reflects both digital maturity and reporting capacity. Advanced economies such as the United States dominate reported incidents, with over 6,400 cases during the study period, but this concentration is partly a function of deeper digital integration and stronger disclosure frameworks. Emerging markets, by contrast, report fewer incidents but are not necessarily less exposed; rather, underreporting and weaker surveillance systems obscure the true scale of risk.
India sits at an important intersection in this landscape. As one of the jurisdictions included in global datasets, it reflects both rapid digital financial expansion and rising cyber vulnerability. The country’s digital public infrastructure, including large-scale payment systems, places it firmly within the high-growth, high-risk cohort of emerging markets where cyber exposure is rising faster than institutional safeguards can fully adapt.
The IMF paper also highlights the interdependence between financial institutions and ICT service providers. Roughly 10% of all cyber events occur within the ICT sector, but their systemic impact is magnified by the financial sector’s reliance on cloud infrastructure, data processing, and network services. This interconnectedness introduces second-order risks, where attacks on technology providers cascade into financial disruptions, amplifying systemic vulnerability.
Taken together, the data point to a clear conclusion: cyber risk is no longer episodic but structural. The financial sector’s growing digital footprint has fundamentally altered its threat profile, embedding cyber risk into the core of financial stability considerations. This transformation also suggests that traditional perimeter-based security models are increasingly inadequate, as threats now originate both externally and from within complex digital supply chains.
Fraud Explosion
If cyber events represent the institutional face of digital risk, cyber-enabled fraud reflects its social and economic spillover. Here, the data reveal an even sharper escalation. Over the past decade, cyber-enabled fraud has nearly tripled globally, reaching approximately 2.5 million cases by 2022.
This surge is closely tied to behavioural and technological shifts during the pandemic, when digital adoption accelerated dramatically. Lockdowns pushed consumers and businesses online, while criminal networks industrialised fraud operations, often operating across borders through organised scam centres.
The scale of financial losses is staggering. Industry estimates suggest global scam-related losses approached $1 trillion in 2024, highlighting a shadow economy of fraud that rivals major sectors in size. In developing economies, the impact is particularly acute, with losses estimated at between 2.5% and 4.2% of GDP. This is a critical insight: while advanced economies may suffer higher per-case losses, developing markets bear a heavier macroeconomic burden.
India again offers a telling case study. Official data show over 65,000 cybercrime cases, of which roughly 26.5% are fraud-related. Given widespread underreporting, the actual scale is likely far higher. The rapid expansion of digital payments, particularly through mobile and real-time systems, has created both financial inclusion gains and new vectors for fraud.
The structure of fraud itself is evolving. Payment-related fraud is increasingly dominated by credit transfers and card-based transactions, reflecting the centrality of these instruments in modern financial systems, according to the report. At the same time, crypto-related fraud has grown rapidly, particularly since 2021, as digital assets introduce new anonymity and cross-border transfer capabilities, it adds.
Regional trends reinforce the global picture. Asia has experienced the fastest growth in cyber-enabled fraud, driven by expanding digital ecosystems and rising internet penetration. North America shows a sustained upward trajectory, with millions of complaints logged annually, while Europe exhibits moderate but persistent rise.
The report finds that a notable correlation emerges between fraud incidence and economic variables. Higher GDP per capita and greater banking penetration are associated with increased fraud cases, suggesting that financial deepening, while beneficial, also enlarges the attack surface.
Yet the most important caveat is data quality. Underreporting remains endemic, with many victims unwilling or unable to report fraud. This implies that current figures likely underestimate the true scale of the problem, potentially by a wide margin.
In effect, cyber-enabled fraud has transitioned from opportunistic crime to an organised, technology-driven industry. Its growth trajectory mirrors that of digital finance itself, raising fundamental questions about trust, consumer protection, and systemic resilience. Increasingly, fraud is also leveraging artificial intelligence tools for phishing, deepfakes, and identity manipulation, adding a new layer of sophistication that could accelerate both scale and success rates in the years ahead.
Policy Imperatives
The convergence of rising cyber events and expanding digital fraud presents a complex policy challenge, one that extends beyond traditional regulatory frameworks. The IMF analysis underscores that vulnerabilities in digital systems simultaneously enable institutional cyber incidents and consumer-level fraud, creating a dual-layered risk architecture.
Regulatory responses have begun to evolve, but remain uneven across jurisdictions. Some countries have implemented targeted measures, including stronger reporting frameworks, fraud taxonomies, and coordinated enforcement mechanisms. Others are still grappling with fragmented data systems and limited institutional capacity.
A central issue is information asymmetry. Cyber incidents are often confidential and market-sensitive, leading to inconsistent disclosure and incomplete datasets. This complicates both risk assessment and policy formulation, particularly in emerging markets where reporting frameworks are still developing.
For India, the policy implications are particularly significant. The country’s leadership in digital payments, combined with its large and diverse user base, makes it both a global model and a high-risk environment. Strengthening reporting systems, enhancing consumer awareness, and improving coordination between regulators and law enforcement will be critical to managing this risk.
At a systemic level, the interdependence between financial institutions and ICT providers demands closer regulatory scrutiny. Cyber incidents in cloud infrastructure or data services can propagate rapidly across the financial system, creating contagion-like effects. This raises the need for cross-sectoral oversight and resilience planning.
Another emerging priority is the regulation of payment systems and crypto-assets. The increasing role of virtual asset service providers and cross-border payment networks in facilitating fraud highlights gaps in existing supervisory frameworks. Addressing these gaps will require international cooperation, particularly given the transnational nature of cybercrime.
The broader financial stability implications are becoming harder to ignore. Digital fraud not only imposes direct financial losses but also erodes trust in financial institutions and payment systems. In extreme cases, large-scale cyber incidents could disrupt critical infrastructure, posing systemic risks.
The trajectory outlined in the IMF paper suggests that cyber risk will continue to intensify as digitalisation deepens. The challenge for policymakers is to stay ahead of this curve, balancing innovation with security, and ensuring that the gains from digital finance are not undermined by rising vulnerabilities. In practical terms, this will require sustained investment in cyber resilience, stronger public-private collaboration, and the development of real-time monitoring and response systems capable of matching the speed of evolving threats.
The data in the report tell a clear story. Cyber threats are growing faster than traditional risk management frameworks can adapt. For both advanced and emerging economies, including India, the task ahead is not merely to respond to incidents, but to fundamentally rethink the architecture of financial resilience in a digital age.