MAS wants your views on technology risk management

The Monetary Authority of Singapore has released two consultation papers on enhanced guidelines and legal requirements.

The first paper is a set of enhanced guidelines on technology risk management and the adoption of sound security practices while the second is a Notice on Technology Risk Management which sets out the legal requirements for financial institutions.

MAS said the TRM Guidelines have been enhanced from the existing Internet Banking and Technology Risk Management Guidelines. The guidelines will apply to all financial institutions, compared to IBTRM which focused primarily on the banking sector.

“A workgroup of IT security specialists from the major banks and technology experts provided input to MAS in the drafting stage. The enhanced guidelines provide guidance on the oversight of technology risk management and security practices of financial institutions to address technology risks to the financial industry,” said MAS.

MAS is also proposing to issue a Notice on Technology Risk Management to define and enforce a set of mandatory IT requirements for the financial industry.

“The Notice stipulates requirements for a high level of robustness and integrity of critical IT infrastructure and systems. It also specifies the requirement for financial institutions to implement IT controls to protect customer information from unauthorised access or disclosure,” explained MAS.

MAS invites interested parties to give their views and comments on the two consultation papers by 16 July 2012. The consultation papers may be viewed here.