2023-12-04

Joint Standard on Cybersecurity and Cyber Resilience Requirements for Financial Institutions

The Financial Sector Conduct Authority and Prudential Authority have issued a Joint Standard mandating comprehensive cybersecurity and cyber resilience requirements for all financial institutions. The regulation establishes a 12-month transitional implementation period, assigns ultimate compliance accountability to the governing body, and mandates robust governance structures with clear reporting lines. Financial institutions must implement proportionate but rigorous controls, including encryption, vulnerability assessments, penetration testing, and strict oversight of third-party and cloud service providers.


South Africa

Financial Sector Conduct Authority
