2022-01-01
The Palestine Monetary Authority issued Circular No. 47/2022 mandating all Palestinian banks to establish internal information security teams, submit gap assessments and remediation plans by June 30, 2022, and immediately report any cyber incidents, fraud, system failures, unauthorized access, or data breaches to the regulator. Banks must provide detailed written follow-up reports within two days of any incident using the prescribed form, regardless of service downtime duration. These measures aim to mitigate rising cyber risks, ensure banking sector continuity, and align operations with international cybersecurity best practices.
Palestine Monetary Authority
Circular No. (47 / 2022)
To all banks operating in Palestine
Date: Thursday, March 03, 2022
Subject: Operational Incidents Related to Information Technology / Information Security
To mitigate cyber risks that the banking sector may face, to prevent negative impacts on the safety and continuity of bank operations amid rising cyber attacks, and to reduce anticipated risks to the banking sector, and based on best standards, practices, and our related directives, all banks are required to comply with the following:
Establish an internal team within the bank responsible for reviewing and evaluating the information security system and its capacity to face risks, to ensure business continuity during critical times, identify additional steps required to address elevated threat levels, determine current gaps and remediation plans, and monitor necessary implementation budgets as soon as possible.
Provide the Palestine Monetary Authority with the gap assessment and remediation plan no later than June 30, 2022.
Notify the Palestine Monetary Authority immediately and without delay of any cyber incidents or attacks that the bank or any third-party contractor has been or may be subjected to, which affect or are likely to affect the bank's systems and services, regardless of the duration of downtime or service irregularity, including:
a. Cyber attacks and any information security breaches, whether successful or failed attempts.
b. Fraud incidents.
c. System failures / system disruptions.
d. Unauthorized access.
e. Data breaches.
Reporting shall be conducted via the email below or phone/mobile, and must be reinforced in writing with detailed information within a maximum of two days from the date of the incident, according to the attached appendix. (To: ITSVD@pma.ps) (CC: bshubairi@pma.ps)
Supervision Group Palestine Monetary Authority
www.pma.ps Ramallah & Al-Bireh Governorate - Palestine P.O. Box 452 | Ramallah & Al-Bireh Governorate Tel: +970 2 2415251 2 | Fax: +970 2 2415310 | info@pma.ps Gaza - Palestine P.O. Box 4026 | Gaza - Palestine Tel: +970 8 2825713 8 | Fax: +970 8 2844487
Incidents Form
Basic Information
| 1. Particulars of Reporting: | |
|---|---|
| • Name of the bank | |
| • Date and Time of Reporting to PMA | |
| • Name of Person Reporting | |
| • Designation/Department | |
| • Contact details (e.g. official email-id, telephone no, mobile no) - IT Manager. - Information Security Officer | |
| 2. Details of Incident: | |
| • Date and time of incident detection | |
| • Type of incidents and systems affected | |
| i. Outage of Critical IT system(s) (e.g. CBS, Treasury Systems, Trade finance systems, Internet banking systems, ATMs, SWIFT, etc.) | |
| ii. Cyber Security Incident (e.g. DDoS, ransomware/crypto-ware, data breach, data destruction, web defacement, etc.)? | |
| iii. Theft or Loss of Information (e.g. sensitive customer or business information stolen or missing or destroyed or corrupted)? | |
| iv. Outage of Infrastructure (e.g. which premises-DC, branch, etc., power/utilities supply, telecommunications supply)? | |
| v. Financial (e.g. liquidity)? | |
| • What actions or responses have been taken by the bank? | |
| 3. Impact Assessment (examples are given but not exhaustive): | |
| • Business impact including availability of services – Banking Services, Internet banking, Cash Management, Trade Finance, Branches, ATMs, Clearing and Settlement activities, etc. | |
| • Impact on stakeholders- affected retail/corporate customers, affected participants including operator(s), settlement institution(s), business partners, and service providers, etc. | |
| • Financial and market impact – Trading activities, transaction volumes and values, monetary losses, liquidity impact, bank run, withdrawal of funds, etc. | |
| • Regulatory and Legal impact | |
| 4. Chronological order of events: | |
| • Date of incident, start time and duration | |
| • Escalations done including approvals sought on interim measures to mitigate the event, and reasons for taking such measures | |
| • Channels of communications used (e.g. email, internet, SMS, press release, website notice, etc.) | |
| • Rationale on the decision/activation of BCP and/or DR. | |
| 5. Root Cause Analysis (RCA): | |
| • Factors that caused the problem/ Reasons for occurrence, Cause and effects of incident | |
| • Interim measures to mitigate/resolve the issue, and reasons for taking such measures. | |
| • Steps identified or to be taken to address the problem in the longer term. List the remedial measures/corrections effected (one time measure) and/or corrective actions taken to prevent future occurrences of similar types of incident | |
| 6. Date/target date of resolution________________ (DD/MM/YYYY). | |
Note: All fields are REQUIRED to be filled unless otherwise stated.