Brazilian Pension Funds Authority sets out supervisory and coordination priorities for cybersecurity resilience at CORE Summit 2025

At the Coremec-organised CORE Summit 2025 in São Paulo, the Brazilian Pension Funds Authority (PREVIC) joined the Central Bank of Brazil, the Brazilian Securities and Exchange Commission (CVM) and the Superintendence of Private Insurance (Susep) to discuss how regulators and supervisors are approaching cyber resilience and digital security in the financial sector. PREVIC director-superintendent Ricardo Pena linked the agenda to Brazil’s National Cybersecurity Strategy established by Decree 12.573/25 and highlighted work on regulatory, supervisory, coordination and control mechanisms to support the security, resilience and continuity of essential services, particularly in pension funds. The Central Bank of Brazil’s supervision director, Ailton de Aquino Santos, pointed to rapid technological change driven by digitalisation, tokenisation and artificial intelligence, and argued that cyber security depends on human capabilities and cooperation across business and security teams, supervised entities and regulators. CVM’s superintendent-general, Alexandre Pinheiro dos Santos, underscored the need for regulatory coordination while maintaining a stable regulatory environment, including proportionality to the size and condition of regulated entities and a focus on effectiveness; Susep’s Alessandro Octaviani warned that attacks on the system’s weakest link can affect the most resilient parts and called for proactive state engagement and market listening given the combined pressures of digitalisation, competition incentives and geopolitics. Across the opening session, participants stressed joint action across regulators and market participants, with PREVIC pointing to the need to diagnose vulnerabilities and implement coordinated strategic measures to address digital threats.