FCA published a statement on its intention to comply with the EBA guidelines on information and communication technology (ICT) and security risk management for credit institutions, investment firms, and payment service providers. The guidelines, which were published in November 2019, enter into force on June 30, 2020. In its statement, FCA also points out that it is in the process of consulting on new requirements to strengthen operational resilience in the financial services sector. FCA expects to publish the final rules on operation resilience in the first quarter of 2021, including providing further information on the links between its operational resilience policy and the EBA guidelines.
In March 2020, FCA had extended the comment period for its consultation (CP19/32) on operational resilience until October 01, 2020. Firms and financial market infrastructures are not expected to be required to meet requirements resulting from this consultation before the end of 2021. While operational resilience remains a top priority for FCA, PRA, and BoE, the later publication date and implementation timetable are intended to alleviate burden on firms and financial market infrastructures in the wake of the COVID-19 outbreak. FCA welcomes feedback from firms to its consultation and their experiences in embedding the requirements of the EBA guidelines.
All credit institutions, investment firms, and payment service providers will be expected to make every effort to comply with the EBA guidelines. Firms should also refer to the EBA "further guidance" on the use of flexibility in relation to COVID-19 and the implementation of the guidelines on ICT and security risk management. Consistent with the EBA "further guidance," FCA will apply reasonable supervisory flexibility when assessing the implementation of the ICT and security management guidelines, given the ongoing COVID-19 crisis.
Effective Date: June 30, 2020
Keywords: Europe, EU, UK, Banking, Securities, Insurance, FMI, COVID-19, Operational Resilience, Cyber Risk, CP 19/32, PRA, BoE, FCA
Leading economist; commercial real estate; performance forecasting, econometric infrastructure; data modeling; credit risk modeling; portfolio assessment; custom commercial real estate analysis; thought leader.
Previous ArticleJFSA Defers Final Two Phases of Margin Rules for OTC Derivatives
OSFI proposed revisions to the Basel Capital Adequacy Reporting (BCAR) and leverage requirements returns for the 2023 reporting, with the comment period ending on July 09, 2021.
EBA published a discussion paper on review of the standardized nonperforming loans (NPL) transaction data templates, along with the proposed revised NPL data templates.
Bundesbank updated AnaCredit reporting requirements for banks, with reference to the Notice 8001/2020.
CBUAE has issued a regulation that introduces the licensing and supervision framework for low-risk, specialized banks.
APRA is consulting on CPG 511—the draft Prudential Practice Guide on remuneration for banks, insurers, and superannuation licensees—with the comment period ending on July 23, 2021.
MAS announced a new RegTech grant scheme and an enhancement of the Digital Acceleration Grant (DAG) scheme to accelerate technology adoption in the financial sector.
PRA published a letter that sets out findings from the 2020 Internal Audit Review of the Collections function of a sample of non-systemic banks and building societies.
EIOPA launched a consultation on the Interbank Offered Rate (IBOR) transitions, in context of the EU Benchmarks Regulation.
The Trustees of the IFRS Foundation proposed amendments to the Constitution of the IFRS Foundation to accommodate the potential formation of the new International Sustainability Standards Board within the governance structure of the organization.
BCB amended the resolution that establishes technical requirements and operational procedures for the implementation of open banking in Brazil, with the amended resolution entering into force on its publication date.