HKMA issued a revised version of the Supervisory Policy Manual module TM-E-1 on risk management of electronic banking (e-banking). This module sets out guidance on the sound risk management principles and practices applicable to authorized institutions’ e-banking services. The guidance took into account the latest developments in banking industry, in relevant technologies, and in supervisory guidance used in other major jurisdictions. The guidance is intended to facilitate further development of e-banking in Hong Kong while enhancing the risk management controls of the industry.
Given that e-banking involves the delivery of financial services through technological means, both general risk management principles applicable to the provision of the underlying financial services and the typical technological controls are applicable to e-banking. This module does not repeat the general guidance of HKMA in these areas, instead it elaborates on how the relevant risk management measures may be applied or refined in case of e-banking for different types of customers. Authorized institutions should use a risk-based approach to managing the risks associated with e-banking. In this connection, authorized institutions should comply with the requirements in this module and should also make reference to other relevant Supervisory Policy Manual modules and HKMA guidance issued from time to time.
As part of the risk governance for e-banking, authorized institutions’ senior management should establish clear policies and accountability to ensure that a rigorous independent assessment is performed before the launch of any new electronic delivery channel of e-banking service, or a major enhancement to existing services. The purpose of the independent assessment is to validate whether the e-banking service complies with applicable regulatory guidance and whether sufficient risk management controls are in place in relation to the service or enhancement concerned. In general, items to be reported in the independent assessment should cover, at a minimum, the areas specified in Annex A, and the report should be submitted to HKMA on request.
Keywords: Asia Pacific, Hong Kong, Banking, E-Banking, Risk Management, Supervisory Policy Manual, Independent Assessment, HKMA
Previous ArticleFDIC Adopts Revisions to Company-Run Stress Testing Requirements
The European Commission (EC) published three Delegated Regulations (2021/2153, 2021/2154, and 2021/2155) to supplement the Investment Firms Directive (IFD or Directive 2019/2034).
The Financial Stability Board (FSB) published a report that presents results of the sixth non-bank financial intermediation monitoring exercise in the Americas.
The Bank for International Settlements (BIS) published the December issue of the Quarterly Review, which analyzes the non-bank financial intermediation mechanisms that could undermine financial stability.
The Bank of England (BoE) opened the Alternative Liquidity Facility, or ALF, for deposits from the participating UK-based Islamic banks for the first time.
APRA issued a letter on the loss-absorbing capacity (LAC) requirements for domestic systemically important banks (D-SIBs) and published a discussion paper, along with the proposed the prudential standards on financial contingency planning (CPS 190) and resolution planning (CPS 900).
The European Banking Authority (EBA) launched three consultations on technical aspects of the revised framework capturing interest rate risks for banking book (IRRBB) positions, with the comment period ending on April 04, 2022.
The European Commission (EC) launched a call for evidence, until March 18, 2022, as part of a comprehensive review of the macro-prudential rules for the banking sector under the Capital Requirements Regulation (CRR) and Directive (CRD IV).
The European Banking Authority (EBA) published the sample of banks for the mandatory Basel III monitoring exercise, which will refer to the December 2021 data.
The Board of Governors of the Federal Reserve System (FED) is adopting a proposal to revise and extend for three years the Complex Institution Liquidity Monitoring Report (FR 2052a) for banks.
The Financial Stability Board (FSB) published a report that sets out good practices for crisis management groups.