Featured Product

    APRA Consults on First Prudential Standard for Tackling Cyber Attacks

    March 07, 2018

    APRA has responded to the growing threat of cyber attacks by proposing its first prudential standard on information security, known as CPS 234. APRA released a package of measures, titled “Information Security Management: A new cross-industry prudential standard,” for industry consultation. The package is aimed at shoring up the ability of APRA-regulated entities to repel cyber adversaries, or respond swiftly and effectively in the event of a breach. Comment period is open until June 07, 2018.

    Key areas where APRA is hoping to lift standards include assurance over the cyber capabilities of third parties such as service providers and enhancing entities’ ability to respond to, and recover from, cyber incidents. APRA proposes to apply this standard authorized deposit-taking institutions, general insurers, life insurers, private health insurers, licensees of registrable superannuation entities (RSE licensees), and authorized or registered non-operating holding companies. APRA intends to finalize the proposed standard toward the end of the year, with a view to implementing CPS 234 from July 01 next year. The proposed new standard, CPS 234, would require regulated entities to:

    • Clearly define the information security-related roles and responsibilities of the board, senior management, governing bodies, and individuals
    • Maintain information security capability commensurate with the size and extent of threats to information assets and which enables the continued sound operation of the entity
    • Implement information security controls to protect its information assets and undertake systematic testing and assurance regarding the effectiveness of those controls
    • Have robust mechanisms in place to detect and respond to information security incidents in a timely manner
    • Notify APRA of material information security incidents

     

    Related Links

    Comment Due Date: June 07, 2018

    Keywords: Asia Pacific, Australia, Banking, Insurance, CPS 234, Cyber Risk, Prudential Standard, APRA

    Related Articles
    News

    ECB Finalizes Methodology to Assess CCR and A-CVA Risk of Banks

    ECB finalized the guide on assessment methodology for the internal model method for calculating exposure to counterparty credit risk (CCR) and the advanced method for own funds requirements for credit valuation adjustment (A-CVA) risk.

    September 18, 2020 WebPage Regulatory News
    News

    EBA Provides Opinion on Definition of Credit Institution in CRR

    EBA published an Opinion addressed to EC to raise awareness about the opportunity to clarify certain issues related to the definition of credit institution in the upcoming review of the Capital Requirements Directive and Regulation (CRD and CRR).

    September 18, 2020 WebPage Regulatory News
    News

    APRA Consults on Alignment of Daily Liquidity Report for Banks

    APRA is consulting on updates to ARS 210.0, the reporting standard that sets out requirements for provision of information on liquidity and funding of an authorized deposit-taking institution.

    September 17, 2020 WebPage Regulatory News
    News

    FED Releases Scenarios for Second Round of Stress Tests on Banks

    FED released hypothetical scenarios for a second round of stress tests for banks.

    September 17, 2020 WebPage Regulatory News
    News

    PRA Announces Update on Supervisory Benchmarking Portfolio Exercise

    PRA published updates in relation to the 2021 Supervisory Benchmarking Portfolio exercise.

    September 14, 2020 WebPage Regulatory News
    News

    FED Revises and Extends Capital Assessment and Stress Testing Reports

    FED adopted a proposal to extend for three years, with revision, the capital assessments and stress testing reports (FR Y-14A/Q/M; OMB No. 7100-0341).

    September 14, 2020 WebPage Regulatory News
    News

    HKMA Updates Policy Module for Non-Centrally Cleared OTC Derivatives

    HKMA revised the Supervisory Policy Manual module CR-G-14 on margin and other risk mitigation standards for non-centrally cleared over-the-counter (OTC) derivatives transactions.

    September 11, 2020 WebPage Regulatory News
    News

    EBA Updates List of Validation Rules for Reporting by Banks

    EBA issued a revised list of validation rules with respect to the implementing technical standards on supervisory reporting.

    September 10, 2020 WebPage Regulatory News
    News

    EBA Responds to EC Call for Advice to Strengthen AML/CFT Framework

    EBA published its response to the call for advice of EC on ways to strengthen the EU legal framework on anti-money laundering and countering the financing of terrorism (AML/CFT).

    September 10, 2020 WebPage Regulatory News
    News

    NGFS Advocates Environmental Risk Analysis for Financial Sector

    NGFS published a paper on the overview of environmental risk analysis by financial institutions and an occasional paper on the case studies on environmental risk analysis methodologies.

    September 10, 2020 WebPage Regulatory News
    RESULTS 1 - 10 OF 5803