Abstract

Banks live and breathe through their digital systems now, which makes cybersecurity less of a side concern and more of a make-or-break issue. You see it most clearly in places like Iraq, where the digital backbone is still being pieced together and, frankly, is easier to exploit. That’s what pushed us to ask: what happens to the quality of financial reporting when cyber threats creep in? We narrowed the focus to three banks—Ashur International, the Bank of Baghdad, and the National Bank of Iraq. They’re at different stages of preparedness, and that gap turned out to be telling. With agency and contingency theories as loose guides, we looked at how the essentials of reporting—timeliness, accuracy, completeness, compliance—hold up when systems are under stress. We surveyed financial officers, IT staff, and internal auditors, then ran the numbers. The pattern was fairly stark: as the sense of cyber risk went up, reporting quality dipped, especially in timeliness and accuracy. Still, the decline wasn’t uniform. Banks with stronger safeguards and more integrated IT systems weathered the pressure better. Which suggests, if anything, that resilience isn’t just technical; it’s bound up with governance, coordination, and people. Cybersecurity, in other words, isn’t an add-on—it’s inseparable from financial transparency and public trust.