Featured Product

    FSB Sets Out Effective Practices for Cyber Incident Recovery

    October 19, 2020

    FSB finalized the toolkit of effective practices to assist financial institutions in their cyber incident response and recovery activities. The toolkit includes 49 practices for effective cyber incident response and recovery across seven components, which are governance, planning and preparation, analysis, mitigation, restoration and recovery, coordination and communication, and improvement. The final toolkit was delivered to G20 Finance Ministers and Central Bank Governors for their October meeting. FSB also published an overview of responses received to the consultation on this toolkit. The overview explains the main issues raised in the public consultation, along with the changes made to the final toolkit to address these issues.

    The toolkit presents effective practices that organizations have adopted while taking into account jurisdictions’ legislative, judicial, and regulatory frameworks, the size of the organization, the role of the organization in the financial ecosystem, and the extent to which stakeholders are affected by a cyber incident. The toolkit is composed as a resource and reference guide for effective practices using common cyber-taxonomies in a manner aligned to industry standards accessible to senior management, board of directors, or other governance or compliance, risk, and legal professionals that interface with cybersecurity technical experts in the organization, the standard-setting bodies, or the authorities. While many of these effective practices are already in use by larger organizations, they could also be valuable for smaller and less complex organizations to help strengthen their cyber resilience. FSB points out that the COVID-19 pandemic highlighted the need for many organizations and authorities to consider adjustments to cyber risk management processes, cyber incident reporting, cyber incident response, and recovery activities as well as management of critical third-party service providers (for example, cloud services) and relevant stakeholders. Effective preparation and testing of incident response and recovery plans, particularly business continuity planning, facilitated organizations’ transition to remote work and operations. Furthermore, effective communication across the supply chain, including through intra-group entities and third-party service providers, is often highlighted as a key challenge.

    The draft toolkit of effective practices was published for public consultation in April 2020. In developing the consultative document, FSB conducted a stocktake of publicly released guidance from national authorities, international organizations and other external stakeholders; reviewed existing standards and case studies on past cyber incidents; and engaged with external stakeholders at workshops and bilateral meetings. FSB also drew on insights from national authorities based on their supervisory work. The public consultation period ended on July 20, 2020 and 58 responses were received from a wide range of external stakeholders, including banks, insurers, financial market intermediaries, industry associations, IT service providers, and public authorities. Drawing on the feedback from the public consultation, FSB further clarified the proportionate and risk-based nature of the toolkit to improve its usability. Second, the toolkit is better aligned with industry practices and international standards. 

     

    Related Links

    Keywords: International, Banking, Insurance, Securities, Cyber Risk, Governance, Cyber Incident, Responses and Recovery, Toolkit, Operational Risk, COVID-19, Cloud Computing, Third-Party Arrangements, FSB

    Related Articles
    News

    EBA Analyzes Impact of Unwind Mechanism of Liquidity Coverage Ratio

    EBA published a report analyzing the impact of the unwind mechanism of the liquidity coverage ratio (LCR) for a sample of European banks over a three-year period, from the end of 2016 to the first quarter of 2020.

    November 19, 2020 WebPage Regulatory News
    News

    ECB Outlines Views on Possible Changes to AnaCredit Rule and TLTROs

    In response to questions from a member of the European Parliament, the ECB President Christine Lagarde issued a letter clarifying the possibility of amending the AnaCredit Regulation and making targeted longer-term refinancing operations (TLTROs) dependent on the climate-related impact of bank loans.

    November 19, 2020 WebPage Regulatory News
    News

    IASB Begins First Phase of Post-Implementation Review of IFRS 9

    IASB started the post-implementation review of the classification and measurement requirements in IFRS 9 on financial instruments and added the review as a project to its work plan.

    November 18, 2020 WebPage Regulatory News
    News

    FSB Report Examines Progress in Resolvability of Systemic Institutions

    FSB published a report that examines progress in implementing policy measures to enhance the resolvability of systemically important financial institutions.

    November 18, 2020 WebPage Regulatory News
    News

    EBA Benchmarks National Insolvency Frameworks Across EU

    EBA published a report on the benchmarking of national loan enforcement frameworks across 27 EU member states, in response to the call for advice from EC.

    November 18, 2020 WebPage Regulatory News
    News

    FSB Reports Assess Impact of Pandemic on Financial Stability

    FSB published a letter from its Chair Randal K. Quarles, along with two reports exploring various aspects of the market turmoil resulting from the COVID-19 event.

    November 17, 2020 WebPage Regulatory News
    News

    RBNZ Consults on Implementation of Capital Review Changes

    RBNZ launched a consultation on the details for implementing the final Capital Review decisions announced in December 2019.

    November 17, 2020 WebPage Regulatory News
    News

    IASB Announces Andreas Barckow as the New Chair from July 2021

    The Trustees of the IFRS Foundation, which are responsible for the governance and oversight of IASB, have announced the appointment of Dr. Andreas Barckow as the IASB Chair, effective July 2021.

    November 17, 2020 WebPage Regulatory News
    News

    HKMA Consults on Capital Rules for Bank Equity Investments in Funds

    HKMA issued a letter to consult the banking industry on a full set of proposed draft amendments to the Banking (Capital) Rules for implementing the Basel standard on capital requirements for banks’ equity investments in funds in Hong Kong.

    November 17, 2020 WebPage Regulatory News
    News

    ESRB Supports Extension of Macro-Prudential Measure by Swedish FSA

    ESRB published an opinion assessing the decision of Swedish Financial Supervisory Authority (FSA) to extend the application period of a stricter measure for residential mortgage lending, in accordance with Article 458 of the Capital Requirements Regulation (CRR).

    November 17, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 6153