FCA to Comply with EBA Guidelines on ICT and Security Risk Management

By Regulatory News

June 25, 2020

Coronavirus

FCA published a statement on its intention to comply with the EBA guidelines on information and communication technology (ICT) and security risk management for credit institutions, investment firms, and payment service providers. The guidelines, which were published in November 2019, enter into force on June 30, 2020. In its statement, FCA also points out that it is in the process of consulting on new requirements to strengthen operational resilience in the financial services sector. FCA expects to publish the final rules on operation resilience in the first quarter of 2021, including providing further information on the links between its operational resilience policy and the EBA guidelines.

In March 2020, FCA had extended the comment period for its consultation (CP19/32) on operational resilience until October 01, 2020. Firms and financial market infrastructures are not expected to be required to meet requirements resulting from this consultation before the end of 2021. While operational resilience remains a top priority for FCA, PRA, and BoE, the later publication date and implementation timetable are intended to alleviate burden on firms and financial market infrastructures in the wake of the COVID-19 outbreak. FCA welcomes feedback from firms to its consultation and their experiences in embedding the requirements of the EBA guidelines.

All credit institutions, investment firms, and payment service providers will be expected to make every effort to comply with the EBA guidelines. Firms should also refer to the EBA "further guidance" on the use of flexibility in relation to COVID-19 and the implementation of the guidelines on ICT and security risk management. Consistent with the EBA "further guidance," FCA will apply reasonable supervisory flexibility when assessing the implementation of the ICT and security management guidelines, given the ongoing COVID-19 crisis.

Related Links

Effective Date: June 30, 2020

Keywords: Europe, EU, UK, Banking, Securities, Insurance, FMI, COVID-19, Operational Resilience, Cyber Risk, CP 19/32, PRA, BoE, FCA

EC Amends Rule for Prudent Valuation Under CRR Amid COVID-19 Pandemic

FED Publishes Results of Stress Test and COVID Sensitivity Analysis

News

EBA Provides Clarity on Implementation of Certain COVID-19 Policies

EBA published a report on the implementation of selected COVID-19 policies within the prudential framework for banking sector.

July 07, 2020 WebPage Regulatory News

News

BCBS Report Examines Progress on Adoption of Basel III Framework

BCBS published the eighteenth progress report on implementation of the Basel III regulatory framework in member jurisdictions.

July 06, 2020 WebPage Regulatory News

News

BCBS Amends Guidelines on Sound Management of AML/CFT Risks

BCBS amended the guidelines on sound management of risks related to money laundering and financing of terrorism (ML/FT).

July 02, 2020 WebPage Regulatory News

News

US Agencies Finalize Amendments to Swap Margin Rule

US Agencies (Farm Credit Administration, FDIC, FED, FHFA, and OCC) finalized changes to the swap margin rule to facilitate implementation of prudent risk management strategies at banks and other entities with significant swap activities.