2017-05-19

G4/2017 Cyber Resilience

The South African Reserve Bank’s Registrar of Banks requires all banks, foreign branches, and controlling companies to align their cyber resilience frameworks with CPMI-IOSCO international guidance. Institutions must implement risk-based cyber controls, ensure appropriate recovery time objectives through business impact assessments, utilize reputable third-party security testing, and maintain local cyber threat intelligence. The Registrar will evaluate these measures through the supervisory review and evaluation process, with non-compliant institutions facing potential mandates to strengthen risk policies or hold additional capital.

South Africa

South African Reserve Bank

Show thumbnailShow full textSourceAdd to collection

Show thumbnail