Featured Product

    CBK Publishes Cybersecurity Framework for Banking Sector in Kuwait

    February 18, 2020

    CBK published the cybersecurity framework for banking sector in Kuwait. The framework defines three core principles that enhance the cybersecurity and resilience capabilities of banking sector: governance, risk management, and compliance; collaboration, and continual improvement. The framework is applicable to all regulated entities supervised by CBK. The framework is issued for the board of directors, senior management, information security professionals, information technology professionals, and others who are responsible for establishing, implementing, and ensuring the compliance of their entity with the framework.

    The strategic framework consists of the following integrated initiatives for banking sector in Kuwait:

    • The first initiative establishes a mechanism for the Information Security Working Group of the banking sector by defining the methodology, scope, and responsibilities of team members. An emphasis is placed on confidentiality, information and data privacy, and absence of conflicts of interest.
    • The second initiative lays down principles for dealing with cyber risks, which include defining governance requirements, risk management, compliance, crisis management, response and recovery, and collaboration and information-sharing. Additionally, it includes continuous improvements and developments in the field of cybersecurity.
    • The third initiative sets the baseline requirements of information security controls. This initiative is among the most important stages of the project, as it provides detailed security controls that all regulated entities must comply to. It covers governance, risk management, compliance, securing of infrastructure and operations, and dealing with third-party risks and protecting electronic payment systems. All banks must comply with all baseline control requirements set forth in the initiative, through the completion of inherit risk and cyber risk self-assessment, to prove their readiness to address cybersecurity risks
    • The strategic framework also develops a Cyber Crisis Management Strategy and Plan. It introduces a complete framework for managing cyber crisis. Moreover, the Strategy and Plan provides a holistic view of crisis management, including reports, as well as the prescribed response measures. Furthermore, this plan provides a matrix to measure the impact of potential risks.
    • Among the initiatives included in the framework is also the development of a mechanism for dealing with, reporting, and sharing of information between banks, in accordance with the highest international standards. 
    • The framework also introduces the development of a platform for cyber threat intelligence sharing.

     

    Related Links

    Keywords: Middle East and Africa, Kuwait, Banking, Cyber Risk, Governance, ESG, Cybersecurity Framework, Operational Risk, Third-party Arrangement, Cloud Computing, CBK

    Related Articles
    News

    EC Rule on Contractual Recognition of Write Down and Conversion Powers

    The European Commission (EC) published the Delegated Regulation 2021/1527 with regard to the regulatory technical standards for the contractual recognition of write down and conversion powers.

    September 17, 2021 WebPage Regulatory News
    News

    APRA Issues Further Guidance on Application of Securitization Standard

    The Australian Prudential Regulation Authority (APRA) published a new set of frequently asked questions (FAQs) to provide guidance to authorized deposit-taking institutions on the interpretation of APS 120, the prudential standard on securitization.

    September 16, 2021 WebPage Regulatory News
    News

    SRB Provides Update on Approach to Prior Permissions Regime

    The Single Resolution Board (SRB) published a Communication on the application of regulatory technical standard provisions on prior permission for reducing eligible liabilities instruments as of January 01, 2022.

    September 16, 2021 WebPage Regulatory News
    News

    APRA Publishes FAQs on Capital Treatment of Overseas Subsidiaries

    The Australian Prudential Regulation Authority (APRA) published a new set of frequently asked questions (FAQs) to clarify the regulatory capital treatment of investments in the overseas deposit-taking and insurance subsidiaries.

    September 15, 2021 WebPage Regulatory News
    News

    EBA Finalizes Guidance to Assess Breaches of Large Exposure Limits

    The European Banking Authority (EBA) published the final report on the guidelines specifying the criteria to assess the exceptional cases when institutions exceed the large exposure limits and the time and measures needed for institutions to return to compliance.

    September 15, 2021 WebPage Regulatory News
    News

    PRA Finalizes Changes to Consolidated Prudential Rules Under CRD5/CRR2

    The Prudential Regulation Authority (PRA) issued the policy statement PS20/21, which contains final rules for the application of existing consolidated prudential requirements to financial holding companies and mixed financial holding companies.

    September 15, 2021 WebPage Regulatory News
    News

    EBA Revises Guidelines on Stress Tests of Deposit Guarantee Schemes

    The European Banking Authority (EBA) revised the guidelines on stress tests to be conducted by the national deposit guarantee schemes under the Deposit Guarantee Schemes Directive (DGSD).

    September 15, 2021 WebPage Regulatory News
    News

    Nordea Bank and EIB Sign Agreement to Fund Green Projects in Nordics

    The European Commission (EC) announced that Nordea Bank has signed a guarantee agreement with the European Investment Bank (EIB) Group to support the sustainable transformation of businesses in the Nordics.

    September 15, 2021 WebPage Regulatory News
    News

    HKMA Endorses Industry Guidance to Support LIBOR Transition

    The Hong Kong Monetary Authority (HKMA) issued a circular, for all authorized institutions, to confirm its support of an information note that sets out various options available in the loan market for replacing USD LIBOR with the Secured Overnight Financing Rate (SOFR).

    September 14, 2021 WebPage Regulatory News
    News

    OCC Issues Booklet on Supervision of Problem Banks

    The Office of the Comptroller of the Currency (OCC) issued a new "Problem Bank Supervision" booklet of the Comptroller's Handbook. The booklet covers information on timely identification and rehabilitation of problem banks and their advanced supervision, enforcement, and resolution when conditions warrant.

    September 13, 2021 WebPage Regulatory News
    RESULTS 1 - 10 OF 7481