Regulatory Alerts2016-09-19 | 2016-22413System Safeguards Testing Requirements for Derivatives Clearing Organizations
The Commodity Futures Trading Commission is adopting a final rule that establishes enhanced system safeguards testing requirements for derivatives clearing organizations to strengthen cybersecurity resilience. The regulation mandates minimum testing frequencies, including quarterly vulnerability scans and annual internal and external penetration tests, while aligning with established industry standards like those from NIST and the FFIEC. DCOs must comply with the new provisions by September 2017, and the rule permits testing to be conducted by independent contractors or qualified internal employees not responsible for system development or operations.
Share