Regulatory Alerts2021-08-13
Technology and Cyber Security Incident Reporting
The Office of the Superintendent of Financial Institutions (OSFI) and its French counterpart (BSIF) issued this 2025 standardized reporting form to require regulated financial institutions to systematically document and disclose technology and cybersecurity incidents. The template mandates precise data entry across incident timing, affected business lines, financial impact, recovery metrics, root causes, and threat actor indicators. It further standardizes multi-party notification protocols by capturing senior management alerts, regulatory submissions, law enforcement communications, and cyber insurance claims within a single unified report.
Share