Aggregated News From Investment Management Regulators

EBA Guidelines on ICT and Security Risk Management


Please complete the required fields.

On 28 November 2019, the European Banking Authority (EBA) published final Guidelines on ICT and security risk management for credit institutions, investment firms and payment service providers (PSPs) (‘the Guidelines’). The FCA has notified the EBA that it intends to comply with these Guidelines.

All credit institutions, investment firms and PSPs will be expected to make every effort to comply with the Guidelines from 30 June 2020 when they enter into force. Firms should also refer to the EBA’s further guidance on the use of flexibility in relation to Covid-19 and the implementation of the Guidelines.

Consistent with this further guidance, the FCA will apply reasonable supervisory flexibility when assessing the implementation of the Guidelines given the ongoing Covid-19 crisis. In line with previous FCA guidance to firms in the current situation, we encourage firms to particularly focus on the provisions within the Guidelines relating to information security, ICT operations and business continuity to maximise their ability to provide services on an ongoing basis and to limit losses in the event of severe business disruption.

The FCA is currently consulting on new requirements for operational resilience and we expect to publish our final rules in Q1 2021, including providing further information on the links between our operational resilience policy and the EBA Guidelines. We welcome feedback from firms to our consultation and their experiences in embedding the requirements of the Guidelines.

Regulator Information

Regulator Name: Financial Conduct Authority
Abbreviation: FCA
Jurisdiction: United Kingdom

Recent Articles

SEC Charges Eagle Bancorp and Former CEO with Failing to Disclose Related Party Loans

Washington D.C., Aug. 16, 2022 — The Securities and Exchange Commission today charged Eagle Bancorp, Inc.

Warning regarding unregulated entities

See a PDF of the Warning published by the Cyprus Securities and Exchange Commission (CySEC CY) here: Source link

Announcement for a Case of Carrying out Securities Business without Authorisation

In line with the Capital Market Authority's (CMA) responsibilities to protect citizens and investors from unfair and unsound practices, and aiming to achieve fairness,...

OCC Hosts Risk Governance and Compliance Risk Workshops in Minneapolis

  • +1Bank Management, Banker Education, Board of Directors & Management, Community Banks
News Release 2022-99 | August 15, 2022 Share This Pag

Get the latest from Regulatory.News in your inbox!