Cookies on Pinsent Masons website

This website uses cookies to allow us to see how the site is used. The cookies cannot identify you. If you continue to use this site we will assume that you are happy with this

If you want to use the sites without cookies or would like to know more, you can do that here.

Singapore's MAS sets out IT security standards for financial institutions

The Singapore financial services regulator has published the IT security standards that financial services companies operating there must adhere to. 14 Jun 2012

The Monetary Authority of Singapore (MAS) will consult on those standards and on proposed Technology Risk Management Guidelines before implementation of both proposals.

The Notice on Technology Risk Management defines and enforces a set of mandatory IT requirements for the financial industry.  The Notice stipulates requirements for a high level of robustness and integrity of critical IT infrastructure and systems. It also specifies the requirement for financial institutions to implement IT controls to protect customer information from unauthorised access or disclosure.

Notices impose "legally binding requirements on a specified class of financial institutions or persons", MAS said. Guidelines, such as the more general one published on technology risk management, are not binding but "specified institutions or persons are encouraged to observe the spirit of these guidelines", it said.

MAS said in the consultation paper that it particularly invited comment from industry in relation to new proposals on data centre protection and controls; mobile banking and payment security; payment card system and ATM security, and combating cyber threats.

"With the advent of mobile banking and payment services using smartphones and mobile devices in Singapore, MAS has rightly anticipated and assessed the risks associated with this new online platform by seeking to provide updated guidance to financial institutions," said Rosemary Lee, counsel at Pinsent Masons MPillay, the Singapore joint law venture partner of Pinsent Masons, the law firm behind Out-Law.com.

"This is particularly relevant in this day and age of increasing data breaches and cyber attacks," said Lee. "It is important to ensure that financial institutions can conduct mobile banking and payments offerings in the mobile channel in a technologically sound manner, say by way of appropriate authentication and authorisation controls, in order to build consumer confidence."

Expertise in Financial Regulation

Pinsent Masons offers an experienced team who are adept at advising on the increasingly international and complex questions arising out of the current sea of regulatory change. The current climate dictates that lawyers have an ability to provide clear, practical advice delivered in a cost-effective manner.

More about Financial Regulation