March 08, 2019

FCA published a report on insights on the cyber resilience practices in the financial industry. The report presents examples of the cyber security practices that firms have shared with FCA. FCA hopes that these practices and experiences will help firms when considering where to prioritize their efforts in increasing cyber resilience.

Since 2017, FCA has brought together over 175 firms across different financial sectors to share information and ideas from their cyber experiences. FCA runs the Cyber Coordination Groups (CCGs) with industry to help improve cyber-security practices among members of the CCGs and their sectors. Over the last year, the groups have been discussing and sharing practices in the areas of Governance, Identification, Protection, Detection, Situational Awareness, Response and Recovery, and Testing. FCA has collated the examples shared by firms and set out those it considers to be beneficial for a wider audience under each of these themes:

  • Putting good governance in place
  • Identifying what needs to be protected
  • Protecting assets appropriately
  • Using good detection systems
  • Being aware of emerging threats and issues
  • Being ready to respond and recover
  • Testing and refining defenses

The insights in this publication may be relevant for small and medium-size firms. However, FCA encourages all firms to consider whether these insights may be useful to them. FCA warns that this document should not be considered as FCA guidance, as it does not set out the FCA expectations about what systems and controls firms should have in place to comply with its regulatory requirements. However, many of the shared examples support existing guidance from the National Cyber Security Center. 

 

Related Links

Keywords: Europe, UK, Banking, Securities, Insurance, Cyber Resilience, Cyber Risk, Cyber Security, Regtech, FCA

Related Articles
News

BCBS and IOSCO Extend Implementation of Final Phase of Margin Rules

BCBS and IOSCO agree to one-year extension of the final implementation phase of the margin requirements for non centrally cleared derivatives.

July 23, 2019 WebPage Regulatory News
News

APRA Proposes Stronger Remuneration Requirements in Australia

APRA is proposing to strengthen prudential requirements for remuneration across all APRA-regulated entities in the banking, insurance, and superannuation industries by issuing CPS 511, a new prudential standard on remuneration.

July 23, 2019 WebPage Regulatory News
News

PRA Consults on Availability of Group Own Funds Under Solvency II

PRA published a consultation paper (CP16/19) that sets out its proposed approach to the determination of the availability of subordinated liabilities and preference shares in group own funds.

July 22, 2019 WebPage Regulatory News
News

EIOPA Consults on Methodological Principles for Insurer Stress Testing

EIOPA published a discussion paper on the methodological principles for stress testing the insurance sector in EU.

July 22, 2019 WebPage Regulatory News
News

US Agencies Adopt Rule to Exclude Community Banks from Volcker Rule

US Agencies (CFTC, FDIC, FED, OCC, and SEC) adopted a final rule to exclude community banks from the Volcker Rule, in line with amendments to certain sections of the Economic Growth, Regulatory Relief, and Consumer Protection (EGRRCP) Act.

July 22, 2019 WebPage Regulatory News
News

US Agencies Adopt Amendments to Simplify Regulatory Capital Rules

US Agencies (FDIC, FED, and OCC) adopted a final rule that reduces regulatory burden by simplifying several requirements in the regulatory capital rules for banks.

July 22, 2019 WebPage Regulatory News
News

IA of Hong Kong Delegates Inspection and Investigation Powers to HKMA

HKMA and IA of Hong Kong jointly issued a statement announcing the delegation of the inspection and investigation powers of IA to HKMA, pursuant to the statutory regulatory regime for insurance intermediaries under the Insurance Ordinance.

July 19, 2019 WebPage Regulatory News
News

FSB Extends Implementation Timeline for Policy Recommendations on SFTs

FSB announced adjustments to the implementation timelines for its recommendations on securities financing transactions (SFTs), specifically those related to the minimum haircut standards for non-centrally cleared SFTs.

July 19, 2019 WebPage Regulatory News
News

EBA Single Rulebook Q&A: Third Update for July 2019

EBA published answers to six questions under the Single Rulebook question and answer (Q&A) tool this week.

July 19, 2019 WebPage Regulatory News
News

EBA Report Assesses Regulatory Framework for Fintech Activities

EBA published the findings of its analysis on the regulatory framework applicable to fintech firms when accessing the market.

July 18, 2019 WebPage Regulatory News
RESULTS 1 - 10 OF 3494