CBB Amends Capital Adequacy Rules, Proposes Cybersecurity Controls
The Central Bank of Bahrain (CBB) amended the Capital Adequacy Module (Module CA) of the CBB Rulebook Volume 1 for conventional banks and Volume 2 for Islamic banks. The regulator also proposed standards on financial cybersecurity controls, which will be incorporated within all volumes of the CBB Rulebook, with the comment period ending on November 22, 2022.
Amendments to Capital Adequacy Module. CBB has amended paragraphs CA-3.2.19B and CA-4.2.19B in the Capital Adequacy Module (Module CA) of CBB Rulebook Volumes 1 and 2 respectively, to facilitate the implementation of social housing schemes and encourage participation from retail banks. The regulatory text now reads as follows:
- CA-3.2.19B of CBB Rulebook Volume 1: The risk-weight for residential mortgage exposure granted under the social housing schemes of the Kingdom of Bahrain was reduced to 25%, subject to meeting conditions (a) and (b) in CA-3.2.19A. The reduced risk-weight is subject to ensuring compliance with the requirements for timely recognition of expected credit loss (ECL) as per the credit risk management module (Module CM).
- CA-4.2.19B of CBB Rulebook Volume 2: The risk-weight for residential mortgage exposure granted under the social housing schemes of the Kingdom of Bahrain was reduced to 25% subject to meeting conditions (a) and (b) in CA-4.2.19A. The reduced risk-weight is subject to ensuring compliance with the requirements for timely recognition of ECL as per the credit risk management module (Module CM).
The draft standards on financial cybersecurity controls were developed by the Ministry of Interior’s National Cybersecurity Controls (NCSC) to guide the financial entities toward robust cybersecurity control mechanism. The draft standards address the best practices to be implemented in seven domains:
- Cybersecurity Governance ensures that the entity is fully aware of cybersecurity goals and that all actions taken are in the correct direction toward the achievement of cybersecurity goals. It covers roles and responsibilities, cybersecurity risk management, strategies, policies and procedures, asset management, change management, cybersecurity continuity management, cybersecurity awareness and training.
- Cybersecurity of Financial Technology intends to provide the required cybersecurity measures to be considered when acquisition, developing and managing financial systems.
- Cyber Defense provides effective cybersecurity defense processes to ensure their effectiveness in protecting networks, systems, applications, and information technology services of the entity.
- Cybersecurity Assessment aims to guide the financial entities in performing vulnerability assessment and penetration testing.
- Cybersecurity of Third-Party aims to protect entity from third-party misconduct, lists cybersecurity controls starting from selecting a third-party until the termination of the third-party contract.
- Cybersecurity Incident Management provides controls to minimize the impact of current and future incidents.
- Cybersecurity Audit aims to maximize the effectiveness of cybersecurity requirements of the financial entity by conducting audits to ensure compliance with established policies, operational procedures, and relevant standard, legal, and technical requirements.
Related Links
- Consultation on Financial Cybersecurity Controls
- Financial Cybersecurity Controls (PDF)
- Amendments to Capital Adequacy Module (PDF)
Keywords: Middle East and Africa, Bahrain, Banking, Regtech, Fintech, Cyber Risk, Third Party Risk, CBB Rulebook, Regulatory Capital, Islamic Banking, Basel, Credit Risk, ECL, IFRS 9, CBB
Featured Experts
María Cañamero
Skilled market researcher; growth strategist; successful go-to-market campaign developer
Nicolas Degruson
Works with financial institutions, regulatory experts, business analysts, product managers, and software engineers to drive regulatory solutions across the globe.
Patrycja Oleksza
Applies proficiency and knowledge to regulatory capital and reporting analysis and coordinates business and product strategies in the banking technology area
Related Articles
BIS and Central Banks Experiment with GenAI to Assess Climate Risks
A recent report from the Bank for International Settlements (BIS) Innovation Hub details Project Gaia, a collaboration between the BIS Innovation Hub Eurosystem Center and certain central banks in Europe
Nearly 25% G-SIBs Commit to Adopting TNFD Nature-Related Disclosures
Nature-related risks are increasing in severity and frequency, affecting businesses, capital providers, financial systems, and economies.
Singapore to Mandate Climate Disclosures from FY2025
Singapore recently took a significant step toward turning climate ambition into action, with the introduction of mandatory climate-related disclosures for listed and large non-listed companies
SEC Finalizes Climate-Related Disclosures Rule
The U.S. Securities and Exchange Commission (SEC) has finalized the long-awaited rule that mandates climate-related disclosures for domestic and foreign publicly listed companies in the U.S.
EBA Proposes Standards Related to Standardized Credit Risk Approach
The European Banking Authority (EBA) has been taking significant steps toward implementing the Basel III framework and strengthening the regulatory framework for credit institutions in the EU
US Regulators Release Stress Test Scenarios for Banks
The U.S. regulators recently released baseline and severely adverse scenarios, along with other details, for stress testing the banks in 2024. The relevant U.S. banking regulators are the Federal Reserve Bank (FED), the Federal Deposit Insurance Corporation (FDIC), and the Office of the Comptroller of the Currency (OCC).
Asian Governments Aim for Interoperability in AI Governance Frameworks
The regulatory landscape for artificial intelligence (AI), including the generative kind, is evolving rapidly, with governments and regulators aiming to address the challenges and opportunities presented by this transformative technology.
EBA Proposes Operational Risk Standards Under Final Basel III Package
The European Union (EU) has been working on the final elements of Basel III standards, with endorsement of the Banking Package and the publication of the European Banking Authority (EBA) roadmap on Basel III implementation in December 2023.
EFRAG Proposes XBRL Taxonomy and Standard for Listed SMEs Under ESRS
The European Financial Reporting Advisory Group (EFRAG), which plays a crucial role in shaping corporate reporting standards in European Union (EU), is seeking comments, until May 21, 2024, on the Exposure Draft ESRS for listed SMEs.
ECB to Expand Climate Change Work in 2024-2025
Banking regulators worldwide are increasingly focusing on addressing, monitoring, and supervising the institutions' exposure to climate and environmental risks.