Our Services

Our activities are prioritised to support proactive network defence, incident response/support, attribution, arrest and disruption, strategic assessment and innovation.


The CDA acts as a central hub primarily for its members, as well as for the wider financial community and beyond, including other key areas of national infrastructure and government, to collaborate on all matters relating to the prevention, detection, mitigation and investigation of cyber threats and criminality impacting members.

Data Sharing in a Trusted Environment

The real-time sharing of sensitive information between financial institutions, coordinated by the CDA, in a secure and trusted environment for the mitigation and investigation of threats. Data sharing is supported by daily calls, operational meetings and special interest working groups between subject matter experts.

Collective Incident Support

24x7x365 on call personnel to support members through co-ordinated early warning and/or incident response to emergency situations. The CDA provides the central alerting and coordinating role for its members, including intelligence and technical support during an on-going incident. Since late 2019, a similar role has been undertaken for the entire UK Financial Sector, in support of FSCCC (Financial Sector Cyber Collaboration Centre).

Alerting and Reporting

Real-time reporting of identified cyber threats and vulnerabilities. Early identification of criminal and strategic trends, with informed analysis and proactive enrichment. These include daily threat reports, technical alerts, e-crime alerts, trend reporting, geo-political reporting and intelligence summaries.

Threat Modelling

The CDA works with members to understand and assess top cyber and cybercrime threats affecting CDA membership. Analysis and modelling provide banks with actionable intelligence and up-to-date threat baselines to inform operational response.

Training, Mentoring and Expert Presentations

The CDA coordinates training and mentoring sessions from industry experts, as well as presentations and masterclasses subject matter experts across industry and academia.

In-House Tooling and Development

The CDA continually innovates and develops in-house intelligence, research and investigation tools to support our work.

Strategic Partnerships

We maintain strong liaison with government agencies, telecoms providers and similar organisations domestically and internationally. We also maintain strong partnerships with like-minded vendors who support the vision and spirit of the CDA and its members.

Benchmarking and Control Mapping

Through leveraging and sharing of knowledge on attacks, methods, controls and responses, provision of a trusted environment and forum that also allows banks to benchmark, conduct critical peer review and to explore the most effective solutions to common problems.

Domain Analysis & Blocking

As a service, the CDA identifies newly created domains directly or indirectly targeting member banks or their customers. Recovered phish kits are analysed for intelligence opportunities and malicious domains are sent for blocking.

RaaS Alerting

Dumped breached data of potential relevance to members is retrieved and analysed to provide affected members with a full exposure and impact assessment. Statistics and thematic insights on RaaS breaches are provided to CDA members and LE partners, enabling further analysis.


Inclusion in new concepts designed to enhance controls and improve the response, such as biometrics.


Opportunities for secondees to support continuous professional development with new skills and competencies that will be of value to parent organisations.

We provide various other services to our members. Please contact us for more information.