Www.pwc.com/sg Technology Risk Management
[Pages:38]July 2013 Issue 1
sg
Technology Risk Management
2
Global Regulatory Technology Risk
Requirements
5
MAS Technology Risk Management
27
Competitive Intelligence
32
Appendix Case Study Useful Resources
Managing technology risk is now a business priority
Global Regulatory Technology Risk Requirements
PwC
2
Regulatory technology risk requirements landscape have changed over the past 3 years
Financial Conduct Authority (FCA) Prudential Regulation Authority
(PRA)
U.S. Securities and Exchange Commission (SEC)
Federal Deposit Insurance Corporation (FDIC)
Consumer Financial Protection Bureau (CFPB)
PwC
Federal Financial Supervisory Authority (BaFin), Germany
Autorit? des march?s financiers (France) (AMF), France
Swiss Financial Market Supervisory Authority, Switzerland
Financial Services Agency (FSA), Japan
China Securities Regulatory Commission (CSRC)
China Insurance Regulatory Commission (CIRC)
China Banking Regulatory Commission (CBRC)
Monetary Authority of Singapore (MAS), Singapore
Reserve Bank of India (RBI) Insurance Regulatory and
Development Authority (IRDA) Australian Prudential
Regulation Authority (APRA)
3
Impact of regulation: Overview
The interplay of new technology risk regulation with other market changes is driving wide-ranging business impacts
Exec Compensation
Risk
Mgmt
? Disclosure
? Incentives ? Payment
? Risk
structures
? AML processes
? Capital & liquidity
FS Regulations
Change-driven business impacts
? Strategic Impacts ? Attractiveness of markets, business
? Technology Risk
? FATCA
models and portfolios under new rules ? Operational effectiveness and cost
management ? Driven by strategic business choices and
Tax
? Structuring/ levies ? Reserving
new reporting/transparency requirements ? Organisation, governance and culture ? Incentives and governance rules the
subject of more intense regulatory
? GAAP
interest
changes ? Slow growth
Accounting
? Depressed
policies
yields
External Environment
PwC
4
MAS Technology Risk Management Notices and Guidelines
PwC
5
The new MAS Technology Risk Management Guidelines (TRMG) have been enhanced to help financial institutions' improve oversight of technology risk management and security practices.
Technology Risk Management Notice and Guidelines
? The Notice and Guidelines were issued on 21 June 2013. ? Notice will be effective on 1 July 2014. ? All 12 notices tied to the Singapore Act and Laws will
impact: - All Financial Institutions (FIs) (See Appendix for
definitions) - Includes all IT systems
Non compliance to the Notice can result in: ? Financial penalties ? Reputational damage ? Revocation of licence to operate in Singapore
PwC
6
What are the implications of the Notice ?
A FI shall put in place a framework and process to identify critical systems
1
Perform a Business Impact Analysis to identify Critical Systems
Recovery Time Objective (RTO) of 4 hours for critical systems
2
Test your Disaster Recovery (DR) Plans are robust
3 A FI shall implement IT controls to protect
customer information from unauthorised access or disclosure
Encrypt customer data to protect
High availability for critical systems 4 hours of unscheduled downtime
4
Active: Active infrastructure
Inform MAS of major security incidents, systems malfunction within 60 minutes and submit root cause with 14 days
5
Real time monitoring and reporting procedures
PwC
7
With the new TRM Notice and Guidelines, six grouped areas that impact your business were identified
1 Notice
2
System Availability, Incident and Capacity Management
4
Development and Change Management
3
Operational Infrastructure Security and Access Management
5
Mobile Online Services
6 Others
PwC
8
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- sg technology risk management
- access to markets for small actors in the roots and tubers
- by order of the air force instruction 65 302
- cfc frequently asked questions community first choice
- by order of the air force instruction 65 106
- cognizant—single sign on identity and access management
- financial management system
- adoption of new 23 nycrr 500 of the regulations of the
- financial services identity and access management
- child care center
Related searches
- treasury risk management pdf
- risk management course syllabus
- risk management professional certification
- advanced financial risk management pdf
- risk management exam quizlet
- top risk management consulting firms
- york risk management workers comp
- risk management work comp claims
- risk management exam answers
- treasury and risk management magazine
- online risk management certification programs
- best risk management certifications