FCA Issues Insights on Cyber Resilience Practices in Financial Sector

By Regulatory News

March 08, 2019

FCA published a report on insights on the cyber resilience practices in the financial industry. The report presents examples of the cyber security practices that firms have shared with FCA. FCA hopes that these practices and experiences will help firms when considering where to prioritize their efforts in increasing cyber resilience.

Since 2017, FCA has brought together over 175 firms across different financial sectors to share information and ideas from their cyber experiences. FCA runs the Cyber Coordination Groups (CCGs) with industry to help improve cyber-security practices among members of the CCGs and their sectors. Over the last year, the groups have been discussing and sharing practices in the areas of Governance, Identification, Protection, Detection, Situational Awareness, Response and Recovery, and Testing. FCA has collated the examples shared by firms and set out those it considers to be beneficial for a wider audience under each of these themes:

Putting good governance in place
Identifying what needs to be protected
Protecting assets appropriately
Using good detection systems
Being aware of emerging threats and issues
Being ready to respond and recover
Testing and refining defenses

The insights in this publication may be relevant for small and medium-size firms. However, FCA encourages all firms to consider whether these insights may be useful to them. FCA warns that this document should not be considered as FCA guidance, as it does not set out the FCA expectations about what systems and controls firms should have in place to comply with its regulatory requirements. However, many of the shared examples support existing guidance from the National Cyber Security Center.

Related Links

Keywords: Europe, UK, Banking, Securities, Insurance, Cyber Resilience, Cyber Risk, Cyber Security, Regtech, FCA

ECB Updates Lists of Entities and National Identifiers Under AnaCredit

FDIC Updates Call Reports Implementing CECL Related Changes

News

MAS Concludes Blockchain Payments Prototype Shows Commercial Potential

MAS and Temasek jointly released a report to mark the successful conclusion of the fifth and final phase of Project Ubin, which focused on building a blockchain-based multi-currency payments network prototype.

July 13, 2020 WebPage Regulatory News

News

EBA Publishes Phase 2 of Technical Package on Reporting Framework 2.10

EBA published phase 2 of the technical package on the reporting framework 2.10, providing the technical tools and specifications for implementation of EBA reporting requirements.

July 10, 2020 WebPage Regulatory News

News

APRA Updates Reporting Validation Rules in July 2020

APRA updated the lists of the Direct to APRA (D2A) validation rules for authorized deposit-taking institutions, insurers, and superannuation entities.

July 10, 2020 WebPage Regulatory News

News

PRA to Partly Apply EBA Guidelines on Disclosures for COVID Measures

PRA updated the statement that provides guidance to regulated firms on implementation of the EBA guidelines on reporting and disclosure of exposures subject to measures applied in response to the COVID-19 crisis.

July 10, 2020 WebPage Regulatory News

News

EBA Updates List of Correlated Currencies Under CRR

EBA updated the 2019 list of closely correlated currencies that was originally published in December 2013.

July 10, 2020 WebPage Regulatory News

News

FASB Proposes to Delay Implementation of Insurance Contracts Standard

FASB issued a proposed Accounting Standards Update that would grant insurance companies, adversely affected by the COVID-19 pandemic, an additional year to implement the Accounting Standards Update No. 2018-12 on targeted improvements to accounting for long-duration insurance contracts, or LDTI (Topic 944).