Monetary Authority of Singapore Annual Report 2012/2013


Technology Risk Management Notice and Guidelines

In June 2013, MAS issued the Technology Risk Management Guidelines and Notice to strengthen technology risk management capabilities in financial institutions. The Guidelines were enhanced from the existing Internet Banking and Technology Risk Management Guidelines (IBTRM) to address existing and emerging technology trends as well as security concerns in the financial industry. The Notice defines a set of legal requirements relating to technology risk management for financial institutions. Under the Notice, financial institutions are required to maintain a high level of reliability, availability and recoverability of critical IT systems and to implement IT controls to protect customer information from unauthorised access or disclosure. In addition, financial institutions are required to report major system malfunctions and IT security incidents promptly to MAS.