Featured Product

    AMF Publishes Guideline on ICT Risk Management

    February 27, 2020

    AMF published the guideline on information and communications technology (ICT) risk management. The guideline takes into account developments in ICT risk management and reflects observations made by AMF in the course of its supervisory activities in relation to the financial institutions concerned. The effective date of this guideline is February 27, 2020. With respect to the legal obligation imposed on the institutions to follow sound and prudent management practices, AMF expects each institution to adopt the principles of this guideline by developing strategies, policies, and procedures commensurate with its nature, scale, complexity, and risk profile.

    The guideline is intended for authorized insurers, federations of mutual companies, financial services cooperatives, and legal persons belonging to a cooperative group, authorized trust companies, savings companies, and certain other deposit institutions. It describes the expectations of AMF with respect to ICT risk. The ultimate goal of these expectations is to strengthen the financial sector’s resilience in response to the risk of data being lost, leaked, stolen, corrupted, or accessed without authorization. These expectations are intended to ensure the development of appropriate security hygiene through the implementation of measures that will help prevent a major incident and limit its impact.

    Each institution is responsible for clearly understanding all its ICT risks and ensuring that they are appropriately considered in light of the institution’s nature, size, complexity, and risk profile. AMF is also responsible for staying current on the best practices in ICT risk management and adopting them to the extent that they meet its needs. The standards or policies adopted by a federation with respect to financial services cooperatives and mutual insurance associations that are members of the federation should be consistent, if not convergent, with the principles of sound and prudent management set down in legislation and clarified in this guideline.

     

    Effective Date: February 27, 2020

    Keywords: Americas, Canada, Banking, Insurance, Guideline, ICT, Cyber Risk, Data Protection, AMF

    Related Articles
    News

    EU Agencies Update LCR Rule and Macro-Prudential Policy Recommendation

    The European Commission (EC) published the Delegated Regulation 2022/786 with regard to the liquidity coverage requirements for credit institutions under the Capital Requirements Regulation (CRR).

    May 23, 2022 WebPage Regulatory News
    News

    EBA Publishes Regulatory Standards to Identify Shadow Banking Entities

    The European Banking Authority (EBA) published the final draft regulatory technical standards specifying the criteria to identify shadow banking entities for the purposes of reporting large exposures.

    May 23, 2022 WebPage Regulatory News
    News

    EIOPA Examines Physical Climate Risk Exposure, SII Non-Compliance

    The European Insurance and Occupational Pensions Authority (EIOPA) published a report assessing insurers' exposure to physical climate change risks

    May 20, 2022 WebPage Regulatory News
    News

    NGFS Report Explores Quantification of Climate Risk Differentials

    The Network for Greening the Financial System (NGFS) published two reports to aid central banks and regulators in their oversight of the financial sector and in their central bank operations

    May 19, 2022 WebPage Regulatory News
    News

    EC Publishes Results on Review of Web Accessibility Directive

    The European Commission (EC) published the results of a public consultation, held in October 2021, on the review of the Web Accessibility Directive.

    May 19, 2022 WebPage Regulatory News
    News

    MAS Consults on Adjustment Spreads for Conversion of SOR Contracts

    The Monetary Authority of Singapore (MAS) and the SC-STS are jointly consulting, until June 10, 2022, on setting adjustment spreads for the conversion of legacy SOR contracts to SORA reference rate.

    May 18, 2022 WebPage Regulatory News
    News

    OSFI Discusses Benchmark Rate Transition, Sets Out Work Priorities

    The Office of the Superintendent of Financial Institutions (OSFI) published the strategic plan for 2022-2025 and the departmental plan for 2022-23.

    May 17, 2022 WebPage Regulatory News
    News

    EBA Proposes Standards to Support Secondary NPL Markets

    The European Banking Authority (EBA) is consulting, until August 31, 2022, on the draft implementing technical standards specifying requirements for the information that sellers of non-performing loans (NPLs) shall provide to prospective buyers.

    May 17, 2022 WebPage Regulatory News
    News

    EU Confirms Agreement on Rules on Cybersecurity and Banking Resolution

    The European Council and the Parliament reached an agreement on the revised Directive on security of network and information systems (NIS2 Directive).

    May 13, 2022 WebPage Regulatory News
    News

    EBA Issues Standards for Crowdfunding Service Providers Under ECSPR

    The European Banking Authority (EBA) published the final draft regulatory technical standards specifying information that crowdfunding service providers shall provide to investors on the calculation of credit scores and prices of crowdfunding offers.

    May 13, 2022 WebPage Regulatory News
    RESULTS 1 - 10 OF 8206