Featured Product

    MAS Emphasizes Need to Review Security Controls Amid COVID

    November 10, 2020

    The Cyber Security Advisory Panel (CSAP) of MAS held a meeting in November 2020. At the meeting, the Panel shared insights on cyber risks in the new operating environment and made several recommendations related to the risk profiles of financial institutions and third-party vendors and the use of open-source software. Meanwhile, MAS is also consulting on the requirements to strengthen the identity verification process of financial institutions, with the comment period ending on December 09, 2020. This measure is intended to address the risk of impersonation fraud arising from the theft and misuse of an individual’s personal particulars.

    The MAS Managing Director Ravi Menon, who chaired the meeting, said that the "CSAP members have provided useful recommendations on maintaining cyber security against the backdrop of growing reliance on remote working arrangements and cloud service providers." The following are the key recommendations from the CSAP meeting:

    • Reviewing risk profiles and adequacy of risk mitigating measures. The meeting highlighted the need for financial institutions to assess if their existing risk profiles have changed and remain acceptable. This is to ensure that, in the long run, appropriate controls are implemented to mitigate any new risks.  
    • Maintaining oversight of third-party vendors and their controls. With the increased reliance on third-party vendors, the Panel emphasized the need for financial institutions to step up their oversight of these counterparts and to monitor and secure remote access by third-parties to financial institutions’ systems. This is even more important during the COVID-19 pandemic where remote working has become pervasive.
    • Strengthening governance over the use of open-source software. Vulnerabilities in open-source software are typically targeted and exploited by threat actors. The Panel recommended that financial institutions establish policies and procedures on the use of open-source software and to ensure that the code is robustly reviewed and tested before deployment in the IT environment of financial institutions.

    Over two days of virtual meetings, the Panel also exchanged views with the Association of Banks in Singapore Standing Committee on Cyber Security (SCCS) and the Insurance SCCS on enhancing cloud resiliency, monitoring insider threats, and the role of cyber insurance in risk management. Participants included representatives from government agencies such as the Ministry of Communications and Information, the Ministry of Defense, and the Government Technology Agency.

     

    Comment Due Date: December 09, 2020

    Keywords: Asia Pacific, Singapore, Banking, Securities, Cyber Risk, CSAP, COVID-19, Fintech, Regtech, Open Source Software, Cloud Computing, Third Party Vendors, MAS 

    Related Articles
    News

    PRA to Elaborate on Approach to Transposition of CRD5 by Mid-December

    PRA published a statement that explains when to expect further information on the PRA approach to transposing the Capital Requirements Directive (CRD5), including its approach to revisions to the definition of capital for Pillar 2A.

    November 30, 2020 WebPage Regulatory News
    News

    SRB Sets Out Work Program for 2021-2023

    SRB published the work program for 2021-2023, setting out a roadmap to further operationalize the Single Resolution Fund and to achieve robust resolvability of banks under its remit over the next three years.

    November 30, 2020 WebPage Regulatory News
    News

    EIOPA Consults on KPIs on Sustainability for Non-Financial Reporting

    EIOPA is consulting on the relevant ratios to be mandatorily disclosed by insurers and reinsurers falling within the scope of the Non-Financial Reporting Directive as well as on the methodologies to build these ratios.

    November 30, 2020 WebPage Regulatory News
    News

    HM Treasury Extends Consultation Dates for FRF and Solvency II Reviews

    HM Treasury extended the consultation period on Phase II of the Future Regulatory Framework (FRF) Review, from January 19, 2021 to February 19, 2021.

    November 30, 2020 WebPage Regulatory News
    News

    GHOS Endorses Coordinated Approach to Mitigate COVID Risks for Banks

    The Group of Central Bank Governors and Heads of Supervision (GHOS), the oversight body of BCBS, endorsed a coordinated approach to mitigate COVID-19 risks to the global banking system.

    November 30, 2020 WebPage Regulatory News
    News

    US Agencies Issue Statement on LIBOR Transition

    US Agencies (FDIC, FED, and OCC) issued a joint statement encouraging banks to cease entering into new contracts that use USD LIBOR as a reference rate as soon as practicable and in any event by December 31, 2021, to facilitate an orderly LIBOR transition.

    November 30, 2020 WebPage Regulatory News
    News

    ECB Publishes Guide on Management of Climate and Environmental Risks

    ECB finalized guidance on the way it expects banks to prudently manage and transparently disclose climate and other environmental risks under the current prudential rules.

    November 27, 2020 WebPage Regulatory News
    News

    BCBS Amends Capital Treatment of Non-Performing Loan Securitizations

    BCBS published a technical amendment to the capital treatment of securitizations of non-performing loans by banks.

    November 26, 2020 WebPage Regulatory News
    News

    PRA Policy on Stressed VaR and RNIV Calculations Under Market Risk

    PRA published the policy statement PS23/20 on the calculation of stressed value at risk (sVAR) and risks not in value at risk (RNIV) under the market risk framework.

    November 26, 2020 WebPage Regulatory News
    News

    BoE to Move Statistical Data Collection to BEEDs Portal

    BoE announced that the Data and Statistics Division is planning to move collection of statistical data to the BoE Electronic Data Submission (BEEDS) portal.

    November 25, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 6179