Featured Product

    APRA Consults on First Prudential Standard for Tackling Cyber Attacks

    March 07, 2018

    APRA has responded to the growing threat of cyber attacks by proposing its first prudential standard on information security, known as CPS 234. APRA released a package of measures, titled “Information Security Management: A new cross-industry prudential standard,” for industry consultation. The package is aimed at shoring up the ability of APRA-regulated entities to repel cyber adversaries, or respond swiftly and effectively in the event of a breach. Comment period is open until June 07, 2018.

    Key areas where APRA is hoping to lift standards include assurance over the cyber capabilities of third parties such as service providers and enhancing entities’ ability to respond to, and recover from, cyber incidents. APRA proposes to apply this standard authorized deposit-taking institutions, general insurers, life insurers, private health insurers, licensees of registrable superannuation entities (RSE licensees), and authorized or registered non-operating holding companies. APRA intends to finalize the proposed standard toward the end of the year, with a view to implementing CPS 234 from July 01 next year. The proposed new standard, CPS 234, would require regulated entities to:

    • Clearly define the information security-related roles and responsibilities of the board, senior management, governing bodies, and individuals
    • Maintain information security capability commensurate with the size and extent of threats to information assets and which enables the continued sound operation of the entity
    • Implement information security controls to protect its information assets and undertake systematic testing and assurance regarding the effectiveness of those controls
    • Have robust mechanisms in place to detect and respond to information security incidents in a timely manner
    • Notify APRA of material information security incidents

     

    Related Links

    Comment Due Date: June 07, 2018

    Keywords: Asia Pacific, Australia, Banking, Insurance, CPS 234, Cyber Risk, Prudential Standard, APRA

    Related Articles
    News

    APRA Reviews Repayment Deferral Plans, Identifies Best Practices

    APRA has concluded its review of the comprehensive plans of authorized deposit-taking institutions for the assessment and management of loans with repayment deferrals.

    September 22, 2020 WebPage Regulatory News
    News

    ESAs Assess Risks to Financial Sector After COVID-19 Outbreak

    ESAs (EBA, EIOPA, and ESMA) published the first joint report that assesses risks in the financial sector since the outbreak of the COVID-19 pandemic.

    September 22, 2020 WebPage Regulatory News
    News

    BoE Confirms Withdrawal of COVID Corporate Financing Facility

    BoE and HM Treasury confirmed that the COVID Corporate Financing Facility (CCFF) will close for new purchases of commercial paper, with effect from March 23, 2021.

    September 22, 2020 WebPage Regulatory News
    News

    ECB Allows Temporary Relief in Leverage Ratio Amid COVID-19 Pandemic

    ECB published a decision allowing the euro area banks under its direct supervision to exclude certain central bank exposures from the leverage ratio.

    September 21, 2020 WebPage Regulatory News
    News

    ESAs Launch Survey on Templates for Product Disclosures Under SFDR

    ESAs launched a survey seeking feedback on the presentational aspects of product templates under the Sustainable Finance Disclosure Regulation (SFDR or Regulation 2019/2088).

    September 21, 2020 WebPage Regulatory News
    News

    ECB Proposes Integrated Reporting Framework to Reduce Burden for Banks

    ECB published input of the European System of Central Banks (ESCB) into the EBA feasibility report on reducing the reporting burden for banks in EU.

    September 21, 2020 WebPage Regulatory News
    News

    EC Deems UK Framework for CCPs Temporarily Equivalent to EMIR Rules

    EC adopted a decision determining, for a limited period of time, that the regulatory framework applicable to central counterparties, or CCPs, in the UK and Northern Ireland is equivalent to the requirements laid down in the European Market Infrastructure Regulation (EMIR or Regulation 648/2012).

    September 21, 2020 WebPage Regulatory News
    News

    EBA to Phase Out Guidelines on Loan Repayment Moratoria

    EBA has decided to phase out the guidelines on legislative and non-legislative moratoria of loan repayments, in accordance with the earlier specified end of September deadline.

    September 21, 2020 WebPage Regulatory News
    News

    EBA Provides Opinion on Definition of Credit Institution in CRR

    EBA published an Opinion addressed to EC to raise awareness about the opportunity to clarify certain issues related to the definition of credit institution in the upcoming review of the Capital Requirements Directive and Regulation (CRD and CRR).

    September 18, 2020 WebPage Regulatory News
    News

    ECB Finalizes Methodology to Assess CCR and A-CVA Risk of Banks

    ECB finalized the guide on assessment methodology for the internal model method for calculating exposure to counterparty credit risk (CCR) and the advanced method for own funds requirements for credit valuation adjustment (A-CVA) risk.

    September 18, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 5820