Tag archives: Financial institutions

ICO publishes guidance on bulk emails

By Lesley Browning and Shane O'Reilly on September 21, 2023 Posted in General

The Information Commissioner’s Office has published new guidance on email security, with emphasis on safety when sending to multiple recipients which is relevant for pension schemes when emailing their membership. The principal points include: As regards pension schemes, administrators should remember that whether information is sensitive can depend on the context and consideration should be given to … Continue reading

Hong Kong: Data Security Measures Guidance published by the PCPD

By Anna Gamvros and Edward Yau (HK) on March 1, 2023 Posted in Cybersecurity

As data breaches and cyber attacks continue to surge and attackers become more sophisticated, organisations are well aware that the need for robust data security measures is becoming increasingly important. In Hong Kong, the Office of the Privacy Commissioner for Personal Data (the PCPD) recently published a Guidance Note on Data Security Measures for Information … Continue reading

OSFI’s Technology and Cyber Risk Management Guideline: Part 1

By Suzie Suliman (CA), Shreya Gupta and Imran Ahmad (CA) on August 29, 2022 Posted in Compliance and risk management, Cybersecurity

On July 13, 2022, the Office of the Superintendent of Financial Institutions (OSFI) released its final Guideline B-13 (the Guideline), setting out technology and cyber risk management expectations for all federally regulated financial institutions (FRFIs), such as banks, insurance and trust companies. FRFIs will need ensure that they have taken steps to comply with the requirements … Continue reading

NYDFS Requires COVID-19 Plans by April 9

By Susan Ross (US) and Kathleen Scott (US) on April 2, 2020 Posted in Compliance and risk management, Cybercrime, Cybersecurity, Dispute resolution and litigation, Enforcement, General

Norton Rose Fulbright - Data Protection Report blog

On March 10, 2020, the New York Department of Financial Services (NYDFS) issued guidance to all of its regulated institutions engaged in virtual currency business activity, requiring them to have plans for preparedness to manage the possible operational and financial risks posed by the COVID-19 pandemic. NYDFS requires the plans to be submitted by Thursday, April 9, … Continue reading

Event: Cybersecurity Updates in the Financial Services Sector – April 6, 2017

By on March 24, 2017 Posted in General

Data Protection Report - Norton Rose Fulbright

Please join us for a 40-minute briefing on the latest developments in cybersecurity and what the financial services sector needs to know in order to comply. There are new regulatory initiatives at the international, US national and US state levels. With the consistent threat of security breach, financial institutions need to be aware of the latest developments … Continue reading

Hong Kong Monetary Authority Announces Enhanced Competency Framework on Cybersecurity

By Anna Gamvros and Ruby Kwok (HK) on December 27, 2016 Posted in Regulatory response

On 19 December 2016, the Hong Kong Monetary Authority (“HKMA”) announced the launch of the Enhanced Competency Framework on Cybersecurity (“ECF-C”).… Continue reading

Cyber security – making banking safer

By Marcus Evans (UK) on January 4, 2016 Posted in Compliance and risk management, Cybercrime

Cybersecurity is rarely out of global news headlines. David Navetta and Marcus Evans have commented on the issue in the January 2016 edition of The Banker. The feature – “Cyber security – making banking safer” – looks how financial institutions are protecting their assets and customers’ data.… Continue reading