Skip to content
News reaction: Bank for International Settlements (BIS) publishes Project Polaris outputs focusing on ‘secure and resilient’ CBDC systems

News -

News reaction: Bank for International Settlements (BIS) publishes Project Polaris outputs focusing on ‘secure and resilient’ CBDC systems

We are living in an increasingly digital world and with a growing dependency on online payment systems which can be impacted by system outages, cyber-attacks, and natural disasters, Central Bank Digital Currencies (CBDCs) are being actively considered by major economies across the globe.

CBDCs could provide a range of benefits to users, from financial inclusion to digital payment alternatives for those unable to use mainstream options, but they also present resilience and security challenges and considerations that must be addressed if they are to become a sustainable form of currency.

Project Polaris is a newly published framework from the Bank of International Settlements (BIS), an international financial institution owned and governed by central banks. The new framework focuses on designing “secure and resilient CBDC systems, offline and online”, allowing national banks to secure our connected future through improving the resilience of payment systems and providing backup in times of crisis.

In the framework, escrow has been highlighted as a pivotal step for secure and resilient CBDC systems with central banks urged to ‘prepare’ in the earliest stage possible, setting escrow as a resilience baseline for all global CBDC’s moving forward.

“The central bank's CBDC service continuity plan includes exit strategies to maintain the CBDC system's operational resilience in the event of a failure or disruption at a third party impacting the CBDC system's operations, which should include escrowing the third party's software source code and other artifacts that can be used to reconstruct the software, where applicable.”

On the inclusion of technology escrow within the new guidelines, Wayne Scott, Regulatory Compliance Solutions Lead for the Software Resilience division of NCC said:

“It is wonderful to see the Bank of International Settlements continuing the global regulatory trend of naming technology escrow a vital component of the resilience planning for global CBDCs.

“CBDCs have the potential to revolutionize the global payments system rapidly and it is paramount to ensure that the technology behind the CBDCs remains available even if the suppliers fail.

“Setting a resilience baseline that protects CBDC from the non-cyber related risks of supplier failure, service deterioration and concentration risk puts these projects on firm footing to go forward with confidence.”

Jon Renshaw, Deputy Director of Commercial Research comments:

“The Project Polaris reports from BIS are useful and practical contributions to the developments in CBDC. The security and resilience framework gives central banks a framework built on best practice, and in familiar language, but tailored to some of the unique cyber security challenges in CBDC.

“Particular highlights include the recognition that central banks will need to develop new competencies to understand and run this new type of system securely, clear guidance on recommended security maturity at various stages of deployment, and a new set of control objectives specific to CBDC.”




NCC Group Press Office

NCC Group Press Office

Press contact All media enquires relating to NCC Group plc +44 7721577574
NCC Group - Financial Media Enquiries

NCC Group - Financial Media Enquiries

Press contact Maitland AMO Financial Results Media Enquiries +44 (0)20 7379 5151
Regional Press Office - North America

Regional Press Office - North America

Press contact +1 408 776 1400
Regional Press Office - Europe

Regional Press Office - Europe

Press contact +31 20 794 4737

NCC Group exists to make the world safer and more secure

In today’s threat landscape understanding the risks organisations and customers are exposed to is more important than ever.

Understanding the impact and how to be more resilient is key to protecting brand, reputation and sensitive customer information. Building a cyber-resilient organization can be a complex process but it’s not impossible.

With our knowledge, experience and global footprint, we help assess, develop and manage cyber resilience posture.

NCC Group Newsroom
XYZ Building, 2 Hardman Boulevard, Spinningfield
M3 3AQ Manchester
United Kingdom