Industry-Wide Stress Tests
MAS conducts industry-wide stress tests of financial institutions in Singapore annually. In 2013, financial institutions were stress tested on two adverse scenarios - a V-shaped recession where GDP declines sharply in the first year and recovers thereafter, and a protracted recession where GDP declines over three years. Both scenarios entail large declines in domestic and regional economic activity. The stress tests showed that banks and insurers are resilient to adverse macroeconomic scenarios. The International Monetary Fund's Financial Sector Assessment Programme in 2013 also assessed that Singapore's financial system is resilient to the domestic and global risks it is exposed to.

Industry-Wide Business Continuity Management
MAS published an information paper in December 2013, providing a comprehensive overview of the Business Continuity Management landscape in the financial industry. Drawing on the results from an extensive survey of the industry, the information paper shared good practices as well as opportunities for improvement in various areas, such as business resiliency and crisis management.

Financial District Security Programme
In 2013, the Financial District Security Programme (FDSP) was restructured to engage and strengthen partnership with the industry on physical security, contingency planning and business continuity management issues. The FDSP now has more financial institutions represented on its Steering Committee and senior representatives from financial institutions (such as Chief Operating Officers or equivalent) as Steering Committee members.

Enhancing Technology Risk Management
MAS issued the Technology Risk Management Guidelines and Notice to financial institutions in June 2013. The Guidelines set out MAS' minimum expectations of financial institutions' technology risk governance and security practices to address existing and emerging technology risks within the financial industry.

The Notice allows specific penalties to be imposed on financial institutions that fail to maintain a high level of reliability, availability and recoverability of their critical IT systems, or do not implement strong IT controls to protect customer information from unauthorised access or disclosure.