CBB Amends Requirements for Cyber-Security Incident Reporting
The Central Bank of Bahrain (CBB) is amending requirements under the operational risk management module (Module OM) of Volumes 1 and 2 of the CBB Rulebook for conventional banks and Islamic banks, respectively.
These amendments, which relate to requirements on reporting cyber-security incidents, became effective immediately on publication. The updated requirements specify that on occurrence or detection of any cyber-security incident, whether internal or external, that compromises customer information or disrupts critical services that affect operations, conventional and Islamic bank licensees must contact CBB immediately (within one hour) and submit Section A of the Cyber Security Incident Report (Appendix OM-1) to CBB within two hours. Following the submission of Section A of the Report, the licensee must submit to CBB Section B of the Cyber Security Incident Report (Appendix OM-1) within 10 calendar days of the occurrence of the cyber security incident. Licensees must include all relevant details in the report, including the full root cause analysis of the cyber security incident, its impact on the business operations and customers, and all measures taken by the licensee to stop the attack, mitigate its impact, and ensure that similar events do not recur. In addition, a weekly progress update must be submitted to CBB until the incident is fully resolved.
Related Links
- Notification on Amended Requirements for Conventional Banks
- Module OM for Conventional Banks (PDF)
- Notification on Amended Requirements for Islamic Banks
- Module OM for Islamic Banks (PDF)
Keywords: Middle East and Africa, Bahrain, Banking, Basel, Regtech, Cyber Security, Incident Reporting, Cyber Risk, CBB Rulebook, Islamic Banking, Operational Risk, Module OM, CBB
Featured Experts

María Cañamero
Skilled market researcher; growth strategist; successful go-to-market campaign developer

Nicolas Degruson
Works with financial institutions, regulatory experts, business analysts, product managers, and software engineers to drive regulatory solutions across the globe.

Patrycja Oleksza
Applies proficiency and knowledge to regulatory capital and reporting analysis and coordinates business and product strategies in the banking technology area
Next Article
ECB Issues Opinion on Proposed Amendments to CRRRelated Articles
EBA Proposes Standards for IRRBB Reporting Under Basel Framework
The European Banking Authority (EBA) proposed implementing technical standards on the interest rate risk in the banking book (IRRBB) reporting requirements, with the comment period ending on May 02, 2023.
FED Issues Further Details on Pilot Climate Scenario Analysis Exercise
The U.S. Federal Reserve Board (FED) set out details of the pilot climate scenario analysis exercise to be conducted among the six largest U.S. bank holding companies.
US Agencies Issue Several Regulatory and Reporting Updates
The Board of Governors of the Federal Reserve System (FED) adopted the final rule on Adjustable Interest Rate (LIBOR) Act.
ECB Issues Multiple Reports and Regulatory Updates for Banks
The European Central Bank (ECB) published an updated list of supervised entities, a report on the supervision of less significant institutions (LSIs), a statement on macro-prudential policy.
HKMA Keeps List of D-SIBs Unchanged, Makes Other Announcements
The Hong Kong Monetary Authority (HKMA) published a circular on the prudential treatment of crypto-asset exposures, an update on the status of transition to new interest rate benchmarks.
EU Issues FAQs on Taxonomy Regulation, Rules Under CRD, FICOD and SFDR
The European Commission (EC) adopted the standards addressing supervisory reporting of risk concentrations and intra-group transactions, benchmarking of internal approaches, and authorization of credit institutions.
CBIRC Revises Measures on Corporate Governance Supervision
The China Banking and Insurance Regulatory Commission (CBIRC) issued rules to manage the risk of off-balance sheet business of commercial banks and rules on corporate governance of financial institutions.
HKMA Publications Address Sustainability Issues in Financial Sector
The Hong Kong Monetary Authority (HKMA) made announcements to address sustainability issues in the financial sector.
EBA Updates Address Basel and NPL Requirements for Banks
The European Banking Authority (EBA) published regulatory standards on identification of a group of connected clients (GCC) as well as updated the lists of identified financial conglomerates.
ESMA Publishes 2022 ESEF XBRL Taxonomy and Conformance Suite
The General Board of the European Systemic Risk Board (ESRB), at its December meeting, issued an updated risk assessment via the quarterly risk dashboard and held discussions on key policy priorities to address the systemic risks in the European Union.