The Financial Stability Board (FSB) has on 17 October published for consultation a Format for Incident Reporting Exchange (FIRE), a common format for financial firms’ reporting of operational incidents, including cyber incidents. FIRE aims to promote convergence in reporting practices, to address operational challenges arising from reporting to multiple authorities, and to foster better communication within and across jurisdictions. FIRE builds on the FSB Recommendations to Achieve Greater Convergence in Cyber Incident Reporting, published in 2023.
Incident reporting is a key mechanism for financial authorities to monitor disruptions within regulated entities. Currently, differences in reporting approaches across jurisdictions result in fragmented requirements and coordination challenges, which could exacerbate financial stability risks arising from operational incidents, including cyber incidents. Greater convergence between reporting frameworks will support financial institutions’ efficient incident response and recovery, as well as more effective supervision and cooperation among authorities.
Developed in consultation with the private sector, FIRE provides a set of common information items for reporting incidents. Its design maximises flexibility and interoperability. Authorities can choose the extent to which they adopt FIRE, leveraging its features and definitions to promote convergence and facilitate translation between existing frameworks. Similarly, financial institutions can use FIRE both in their reporting to financial authorities and in their relationships with service providers. The consultation package consists of (i) a ‘human-readable’ format, (ii) a structured data model of FIRE using the reporting-language-agnostic Data Point Model method, and (iii) a taxonomy in eXtensible Business Reporting Language (XBRL) as a sample machine-readable version of FIRE.
