Monetary Authority of Singapore consults on updating Business Continuity Management Guidelines
- Published: Monday, 11 March 2019 08:55
The Monetary Authority of Singapore (MAS) has released two consultation papers on proposed changes to its Business Continuity Management Guidelines and Technology Risk Management (TRM) Guidelines. The changes will require financial institutions to put in place enhanced measures to strengthen operational resilience, which will take into account the rapidly changing physical and cyber threat landscape.
MAS proposes to update the Business Continuity Management Guidelines to raise standards for financial institutions in the development of business continuity plans that will better account for interdependencies across their operational units and linkages with external service providers. Financial institutions will be encouraged to put in place an independent audit programme to regularly review the effectiveness of their business continuity efforts.
MAS also proposes to expand the TRM Guidelines to include guidance on effective cyber surveillance, secure software development, adversarial attack simulation1, and management of cyber risks posed by the Internet of Things.
The two updated guidelines continue to emphasise the importance of risk culture, and the roles of the board of directors and senior management in business continuity management and technology risk.
The public consultation will run until 8th April 2019.
The MAS Business Continuity Management Guidelines were first issued to the financial industry in June 2003, with a focus on the organizational response and recovery process to minimise the impact of business disruptions. Subsequently, an addendum was issued in January 2006 to provide further guidance on measures to mitigate the impact of influenza pandemic and security threats arising from terrorism.