CBA working on anti-fraud regulation

The Central Bank of Azerbaijan (CBA) is working on anti-fraud regulation.

Elnur Eyvazlı, Director of the Information Security, Cybersecurity and Digital Fraud Prevention Department at the CBA, said this at an event titled "The Future of Financial Cybersecurity in the Age of Artificial Intelligence" held in Baku, Report informs.

According to him, if greater preference is given to automation, artificial intelligence and anti-fraud tools in many processes, it will be possible to automate a large part of daily operations and direct resources more toward data analytics and incident analysis.

"As for the steps taken by the CBA in this area, work is currently underway on anti-fraud regulation. The preparation of the document is almost 90% complete, with legal procedures remaining. After the relevant stages are completed, the document will be shared with the financial sector. First, the draft version will be presented, feedback from sector participants will be collected and, if necessary, the document will be further improved. On the other hand, we continue our activities as CERT. Any service in the digital sector must undergo a penetration test before being put into production," he said.

"The use of artificial intelligence in the penetration testing process is possible, and this approach is effective in certain areas. However, there is an important point here. In classic penetration tests, the main focus is on identifying logical vulnerabilities. For example, cases where 10 manats ($5.9) are deducted instead of the 5 manats ($2.9) a user was supposed to pay, or vice versa, where a smaller amount is charged due to a vulnerability in the system, fall into this category. Classic penetration tests focus on identifying such risks. At the same time, it is possible to automate the detection of widespread vulnerabilities such as the OWASP Top 10 and other standard checks. I support this approach," the CBA official noted.