About Us
What we do
Our History
Group of Companies
Meet the Team
Job Opportunities
Sovereign Offices
Contact Us
The Sovereign Art Foundation
The Sovereign Art Foundation Gallery
Services
Corporate Services arrow
Corporate Services
Domiciliary Services
Director Services
Opening an offshore bank account
Accounting and Payroll Services
Insurance Services
Occupational Pensions and Savings
Company Secretary/Resident Agent Services
Property, Immigration and Relocation Services
Jurisdictions
More about Corporate Services
Private Client arrow
Trust and Trustee Services
Residency and Citizenship
Tax advisory services
Foreign Property Ownership
Foundations
Pensions and Retirement Planning
Wealth Management
Insurance Services
Sovereign Marine Services
Aircraft Registration and Management
More about Private Client
Retirement Planning arrow
Personal Pensions
Occupational Pensions and Savings
Retirement Planning Contacts
Product Forms
Pension Administration Locations
More about Retirement Planning
Corporate Services
Private Client
Retirement Planning
Jurisdictions
Asia
Africa
Caribbean
Europe
Middle East
Resources
News and Blogs
Events
Sovereign Report
Webinars and Videos
Sovereign Stories
Downloads
Archive
Contact Us
Get in Touch

If you have any questions, feel free to let us know. Our specialists will get back to you within 24 hours.

Contact us
Contact Us
Finding nearest address...
International Information
What are you looking for?
Clear Filter
Looking for...
Focusing on...
Choose one or multiple jurisdictions
Facebook
Instagram
Linkedin
Twitter
Youtube
weChat
Home / Resources / Blog Singapore / MAS enhances Guidelines to combat heightened cyber risks

MAS enhances Guidelines to combat heightened cyber risks


In Blog Singapore
Singapore Blog Singapore News and Views

The Monetary Authority of Singapore (MAS) issued revised Technology Risk Management (TRM) Guidelines in January to keep pace with emerging technologies and shifts in the cyber threat landscape.

The Guidelines are a set of best practices that provide financial institutions (FIs) with guidance on the oversight of technology risk management, practices and controls to address technology and cyber risks. MAS expects FIs to observe the guidelines as this will be considered in MAS’ risk assessment of the FIs.

The move follows a recent spate of cyber attacks on supply chains, which targeted multiple IT service providers through the exploitation of widely used network management software. The revised Guidelines focus on addressing technology and cyber risks in an environment of growing use by FIs of cloud technologies, application programming interfaces and rapid software development.

The revised Guidelines reinforce the importance of incorporating security controls as part of FIs’ technology development and delivery lifecycle, as well as in the deployment of emerging technologies, and set out the following enhanced risk mitigation strategies for FIs to:

  • Establish a robust process for the timely analysis and sharing of cyber threat intelligence within the financial ecosystem; and
  • Conduct cyber exercises to allow FIs to stress test their cyber defences by simulating the attack tactics, techniques, and procedures used by real-world attackers.

In light of FIs’ growing reliance on third party service providers, the revised Guidelines set out the expectation for FIs to exercise strong oversight of arrangements with third party service providers, to ensure system resilience as well as maintain data confidentiality and integrity.

The revised Guidelines provide additional guidance on the roles and responsibilities of the board of directors and senior management, which include that:

  • The board and senior management should ensure that a Chief Information Officer and a Chief Information Security Officer, with the requisite experience and expertise, are appointed and accountable for managing technology and cyber risks; and
  • The board should include members with the relevant knowledge to provide effective oversight of technology and cyber risks.

MAS Chief Cyber Security Officer Tan Yeow Seng said: “Technology now underpins most aspects of financial services. Not only are financial institutions adopting new technologies, they are also increasingly reliant on third party service providers. The revised Guidelines set out MAS’ higher expectations in the areas of technology risk governance and security controls in financial institutions.”

The TRM Guidelines apply to all FIs that MAS regulates, ranging from large ones like banks, insurers and exchanges, to small ones like venture capital managers and payments services firms. They should be read in conjunction with the Notice on Technology Risk Management and Notice on Cyber Hygiene.

 

Contact Andrew Galway

Read Next

View all Blog Singapore
Singapore -
Singapore Trusts: the tax risks of reserved powers for trust settlors Pt 2
Read more
Singapore -
Singapore Trusts: the increasing risks of reserved powers for trust settlors
Read more
Singapore -
Singapore consults on new Corporate Service Providers Bill
Read more
Isle of Man -
Digital Isle of Man signs Artificial Intelligence MoU with AI Singapore
Read more
Singapore tables Financial Institutions (Miscellaneous Amendments) Bill 2024
Read more
Singapore -
Setting up a company in Singapore
Read more
Singapore amends Foreign Source Income Exemption (FSIE) regime
Read more
Singapore consults on streamlined regulatory framework for Fund Managers
Read more

Resources

News and Blogs
Events
Sovereign Report
Webinars and Videos
Sovereign Stories
Downloads
Archive
01/07
Get in Touch

Please contact us if you have any questions or queries and your local representative will be in touch with you as soon as possible.