Regulatory Alerts2024-02-28
Regulation on Systems and Information Security for Pension Funds
The Board of the Central Bank of Kosovo has issued this regulation to establish minimum criteria and operational requirements for the information technology systems of licensed pension funds. Pension funds must implement dedicated IT governance structures, conduct annual risk assessments, and enforce strict security protocols for data confidentiality, integrity, availability, and physical protection. The mandate further mandates rigorous oversight of external IT and cloud service providers through standardized contracts, continuous monitoring, and mandatory incident reporting to the regulator within one working day.
Share