Featured Product

    AMF Publishes Guideline on ICT Risk Management

    February 27, 2020

    AMF published the guideline on information and communications technology (ICT) risk management. The guideline takes into account developments in ICT risk management and reflects observations made by AMF in the course of its supervisory activities in relation to the financial institutions concerned. The effective date of this guideline is February 27, 2020. With respect to the legal obligation imposed on the institutions to follow sound and prudent management practices, AMF expects each institution to adopt the principles of this guideline by developing strategies, policies, and procedures commensurate with its nature, scale, complexity, and risk profile.

    The guideline is intended for authorized insurers, federations of mutual companies, financial services cooperatives, and legal persons belonging to a cooperative group, authorized trust companies, savings companies, and certain other deposit institutions. It describes the expectations of AMF with respect to ICT risk. The ultimate goal of these expectations is to strengthen the financial sector’s resilience in response to the risk of data being lost, leaked, stolen, corrupted, or accessed without authorization. These expectations are intended to ensure the development of appropriate security hygiene through the implementation of measures that will help prevent a major incident and limit its impact.

    Each institution is responsible for clearly understanding all its ICT risks and ensuring that they are appropriately considered in light of the institution’s nature, size, complexity, and risk profile. AMF is also responsible for staying current on the best practices in ICT risk management and adopting them to the extent that they meet its needs. The standards or policies adopted by a federation with respect to financial services cooperatives and mutual insurance associations that are members of the federation should be consistent, if not convergent, with the principles of sound and prudent management set down in legislation and clarified in this guideline.

     

    Effective Date: February 27, 2020

    Keywords: Americas, Canada, Banking, Insurance, Guideline, ICT, Cyber Risk, Data Protection, AMF

    Related Articles
    News

    EC Delegated Regulation on Specialized Lending Exposures Under CRR

    EC finalized the Delegated Regulation 2021/598 that supplements the Capital Requirements Regulation (CRR or 575/2013) and lays out the regulatory technical standards for assigning risk-weights to specialized lending exposures.

    April 14, 2021 WebPage Regulatory News
    News

    OSFI Consults on Minimum Qualifying Rate for Uninsured Mortgages

    OSFI is proposing new minimum qualifying rate for uninsured mortgages under the Guideline B-20.

    April 13, 2021 WebPage Regulatory News
    News

    OSFI Issues Letter on ICAAP Submission and Internal Audit of BCAR

    OSFI issued a letter to confirm that a formal Internal Capital Adequacy Assessment Process (ICAAP) submission is not required in 2021.

    April 12, 2021 WebPage Regulatory News
    News

    ECB Updates List of Supervised Entities in EU in April 2021

    ECB updated the list of supervised entities in EU, with the number of significant supervised entities amounting to 115 as of the March 01, 2021 cut-off date.

    April 12, 2021 WebPage Regulatory News
    News

    ESMA Issues Notification Templates for STS Synthetic Securitizations

    ESMA published the interim simple, transparent, and standardized (STS) notification templates for synthetic securitizations, post the recent amendments to the Securitization Regulation.

    April 09, 2021 WebPage Regulatory News
    News

    EC Agrees to Prolong Scheme to Support NPL Reduction at Greek Banks

    EC has approved the prolongation of an existing Greek scheme aiming to support the reduction of nonperforming loans, or NPLs, of Greek banks on the basis that it remains free of any State aid.

    April 09, 2021 WebPage Regulatory News
    News

    EIOPA Study Examines Internal Model Market and Credit Risks Under SII

    EIOPA published a report presenting the results of its yearly study on the internal modeling of market and credit risks under the Solvency II Directive, also known as SII.

    April 09, 2021 WebPage Regulatory News
    News

    EBA Issues Erratum for Phase 2 Package of Reporting Framework 3.0

    EBA published an erratum for the technical package on phase 2 of the reporting framework 3.0.

    April 08, 2021 WebPage Regulatory News
    News

    EBA Updates Lists of Entities for Use in Capital Calculations under SA

    EBA published an erratum for the technical package on phase 2 of the reporting framework 3.0.

    April 08, 2021 WebPage Regulatory News
    News

    FED Proposes to Automate Bank Stock Adjustment Using Call Report Data

    FED published a proposal to automate non-merger-related adjustments to member banks' subscriptions to Federal Reserve Bank capital stock.

    April 08, 2021 WebPage Regulatory News
    RESULTS 1 - 10 OF 6835