2024-11-13

Material Cyber Incident Notifications FAQs

The Reserve Bank of New Zealand and the Financial Markets Authority issued these FAQs to clarify the material cyber incident notification requirements that commenced on 8 April 2024. Regulated entities must report incidents that materially affect their financial stability or customer interests within 72 hours of detection using a standardized template shared with both regulators. The document provides detailed definitions, classification guidance, and procedural instructions for reporting via secure file transfer services to support industry compliance and risk monitoring.

New Zealand

Reserve Bank of New Zealand

Show thumbnailShow full textSourceAdd to collection

Show thumbnail