FCA to Comply with EBA Guidelines on ICT and Security Risk Management

By Regulatory News

June 25, 2020

Coronavirus

FCA published a statement on its intention to comply with the EBA guidelines on information and communication technology (ICT) and security risk management for credit institutions, investment firms, and payment service providers. The guidelines, which were published in November 2019, enter into force on June 30, 2020. In its statement, FCA also points out that it is in the process of consulting on new requirements to strengthen operational resilience in the financial services sector. FCA expects to publish the final rules on operation resilience in the first quarter of 2021, including providing further information on the links between its operational resilience policy and the EBA guidelines.

In March 2020, FCA had extended the comment period for its consultation (CP19/32) on operational resilience until October 01, 2020. Firms and financial market infrastructures are not expected to be required to meet requirements resulting from this consultation before the end of 2021. While operational resilience remains a top priority for FCA, PRA, and BoE, the later publication date and implementation timetable are intended to alleviate burden on firms and financial market infrastructures in the wake of the COVID-19 outbreak. FCA welcomes feedback from firms to its consultation and their experiences in embedding the requirements of the EBA guidelines.

All credit institutions, investment firms, and payment service providers will be expected to make every effort to comply with the EBA guidelines. Firms should also refer to the EBA "further guidance" on the use of flexibility in relation to COVID-19 and the implementation of the guidelines on ICT and security risk management. Consistent with the EBA "further guidance," FCA will apply reasonable supervisory flexibility when assessing the implementation of the ICT and security management guidelines, given the ongoing COVID-19 crisis.

Related Links

Effective Date: June 30, 2020

Keywords: Europe, EU, UK, Banking, Securities, Insurance, FMI, COVID-19, Operational Resilience, Cyber Risk, CP 19/32, PRA, BoE, FCA

EC Amends Rule for Prudent Valuation Under CRR Amid COVID-19 Pandemic

FED Publishes Results of Stress Test and COVID Sensitivity Analysis

News

EBA Publishes Phase 2 of Technical Package on Reporting Framework 2.10

EBA published phase 2 of the technical package on the reporting framework 2.10, providing the technical tools and specifications for implementation of EBA reporting requirements.

July 10, 2020 WebPage Regulatory News

News

FASB Proposes to Delay Implementation of Insurance Contracts Standard

FASB issued a proposed Accounting Standards Update that would grant insurance companies, adversely affected by the COVID-19 pandemic, an additional year to implement the Accounting Standards Update No. 2018-12 on targeted improvements to accounting for long-duration insurance contracts, or LDTI (Topic 944).