HKMA Revises Guidance on Risk Management of Electronic Banking
HKMA issued a revised version of the Supervisory Policy Manual module TM-E-1 on risk management of electronic banking (e-banking). This module sets out guidance on the sound risk management principles and practices applicable to authorized institutions’ e-banking services. The guidance took into account the latest developments in banking industry, in relevant technologies, and in supervisory guidance used in other major jurisdictions. The guidance is intended to facilitate further development of e-banking in Hong Kong while enhancing the risk management controls of the industry.
Given that e-banking involves the delivery of financial services through technological means, both general risk management principles applicable to the provision of the underlying financial services and the typical technological controls are applicable to e-banking. This module does not repeat the general guidance of HKMA in these areas, instead it elaborates on how the relevant risk management measures may be applied or refined in case of e-banking for different types of customers. Authorized institutions should use a risk-based approach to managing the risks associated with e-banking. In this connection, authorized institutions should comply with the requirements in this module and should also make reference to other relevant Supervisory Policy Manual modules and HKMA guidance issued from time to time.
As part of the risk governance for e-banking, authorized institutions’ senior management should establish clear policies and accountability to ensure that a rigorous independent assessment is performed before the launch of any new electronic delivery channel of e-banking service, or a major enhancement to existing services. The purpose of the independent assessment is to validate whether the e-banking service complies with applicable regulatory guidance and whether sufficient risk management controls are in place in relation to the service or enhancement concerned. In general, items to be reported in the independent assessment should cover, at a minimum, the areas specified in Annex A, and the report should be submitted to HKMA on request.
Keywords: Asia Pacific, Hong Kong, Banking, E-Banking, Risk Management, Supervisory Policy Manual, Independent Assessment, HKMA
Featured Experts
María Cañamero
Skilled market researcher; growth strategist; successful go-to-market campaign developer
Nicolas Degruson
Works with financial institutions, regulatory experts, business analysts, product managers, and software engineers to drive regulatory solutions across the globe.
Patrycja Oleksza
Applies proficiency and knowledge to regulatory capital and reporting analysis and coordinates business and product strategies in the banking technology area
Previous Article
FDIC Adopts Revisions to Company-Run Stress Testing RequirementsRelated Articles
US Agencies Issue Regulatory Updates, FDIC Launches Tech Sprint
The Board of Governors of the Federal Reserve System (FED) published the final rule that amends Regulation I to reduce the quarterly reporting burden for member banks by automating the application process for adjusting their subscriptions to the Federal Reserve Bank capital stock, except in the context of mergers.
EBA Issues Guide on Bank Resolvability, Consults on Transferability
The European Banking Authority (EBA) published its assessment of risks through the quarterly Risk Dashboard and the results of the Autumn edition of the Risk Assessment Questionnaire (RAQ).
HKMA Extends Repayment for Trade Facilities, Consults on Crypto-Assets
The Hong Kong Monetary Authority (HKMA) published a circular, along with the reporting form and instructions, for self-assessment, by authorized institutions, of compliance with the Code of Banking Practice 2021.
FCA Registers Securitization Repositories; PRA Issues 2022 Priorities
The Financial Conduct Authority (FCA) decided to register European DataWarehouse Ltd and SecRep Limited as securitization repositories under the UK Securitization Regulation, with effect from January 17, 2022.
EC Regulation Sets Out Methods for Measuring K-Factors Under IFR
The European Commission (EC) published the Delegated Regulation 2022/25, which supplements the Investment Firms Regulation (IFR or Regulation 2019/2033) with respect to the regulatory technical standards specifying the methods for measuring the K-factors referred to in Article 15 of the IFR.
BIS Studies How Platform Models Impact Financial Stability & Inclusion
The Bank of International Settlements (BIS) published a paper that assesses the ways in which platform-based business models can affect financial inclusion, competition, financial stability and consumer protection.
ESAs Publish List of Financial Conglomerates for 2021
The European Supervisory Authorities (ESAs) published the list of identified financial conglomerates for 2021.
APRA Licenses Two More Banks, Reduces Committed Liquidity Facility
The Australian Prudential Regulation Authority (APRA) updated the list of authorized deposit-taking institutions, granting license to Barclays Bank PLC and Crédit Agricole Corporate and Investment Bank to operate as foreign authorized deposit-taking institutions under the Banking Act 1959.
EU Issues SII Corrigendum; EIOPA Assesses SII Reporting Exemptions
EU published, in the Official Journal of the European Union, a corrigendum to the Delegated Regulation 2015/35, which supplements Solvency II Directive (2009/138/EC).
EBA Opines on Impact of De-Risking and Associated AML/CFT Challenges
The European Banking Authority (EBA) published an Opinion on the scale and impact of de-risking in European Union and the steps that competent authorities should take to tackle unwarranted de-risking.
