On 26 September 2024, the European Central Bank (ECB) issued a paper which outlines how the European framework for threat intelligence-based ethical red teaming – the TIBER-EU framework – can help Member State competent authorities (NCAs) and financial entities fulfil the threat-led penetration testing (TLPT) requirements in the Digital
cybersecurity
The UK’s ICO issues a monetary penalty notice to professional services firm after ransomware attack
On 10 March 2022, the Information Commissioner’s Office (ICO) issued a monetary penalty notice to a professional services firm (the Firm) to the tune of £98,000 for a breach of Article 5(1)(f) of the General Data Protection Regulation (GDPR).
The Firm was the victim of a ransomware attack which it first became aware of on…
NYDFS settles cybersecurity regulation matter for $3 million
The New York Department of Financial Services recently reached a settlement with National Securities Corp. related to multiple cybersecurity violations.…
FINRA’s Guidance to Broker-Dealers on Pandemic Preparedness (coronavirus, COVID-19)
In light of mounting concerns about COVID-19, aka the coronavirus, FINRA recently published FINRA Regulatory Notice 20-08 – Pandemic-Related Business Continuity Planning, Guidance and Regulatory Relief. Notice 20-08 provides both guidance on pandemic preparedness and regulatory relief to impacted member firms. Notice 20-08 supplements previous guidance on pandemic preparedness that FINRA published in October 2009…
Hong Kong: BCBS issues statement on crypto-assets
The Basel Committee on Banking Supervision (BCBS) have shone a light on the risks associated with crypto-assets in a statement issued on 13 March 2019, calling on banks who acquire exposures to crypto-assets to take appropriate and specific measures to mitigate such risks.
The BCBS is the primary global standard setter for the…
New structures to fight cybercrime in South Africa
Cybercrime happens at the speed of broadband with criminals able to easily move the tools of their activities from one location to another. Successfully combatting cybercrime therefore requires real time detection and investigation, often by different agencies in different countries.
Cybercrime has exploded internationally in the past several years in tandem with the surge of…
Innovation and Disruption
Financial Institution Symposium
Technology-led innovation has the potential to truly disrupt existing business models and distribution channels in the financial services industry.
In Australia and more broadly, we have seen start-ups build innovative payment systems, peer-to-peer lending platforms, crypto-currencies, robo-advice and automated investment management.
However, the large institutions are well capitalised, have large customer bases…
CFTC views cybersecurity and data integrity as top priorities; may issue regulations
Cybersecurity has recently become a high priority issue at the US Commodity Futures Trading Commission (CFTC) – the agency overseeing designated contract markets, swap execution facilities, derivatives clearing organizations, swap data repositories (SDRs), swap dealers, futures commission merchants, commodity pool operators and other derivatives market participants.
CFTC Articulates Unique Cybersecurity Concerns
CFTC Chairman Timothy Massad…