MAS announced today that it has directed the Manager of Eagle Hospitality REIT (EH-REIT), and its Trustee, to take steps to protect the rights and interests of EH-REIT’s unitholders. MAS and the Singapore Exchange Regulation (SGX RegCo) are also looking into possible breaches of relevant laws and regulations as well as listing rules in relation to the issues surrounding EH-REIT.
MAS Consults on Proposed Enhancements to Technology Risk and Business Continuity Management Guidelines
Singapore, 7 March 2019… The Monetary Authority of Singapore (MAS) today released two consultation papers on proposed changes to the Technology Risk Management (TRM) Guidelines and the Business Continuity Management (BCM) Guidelines. The changes will require financial institutions (FIs) to put in place enhanced measures to strengthen operational resilience. These take into account the rapidly changing physical and cyber threat landscape.
2 MAS proposes to expand the TRM Guidelines to include guidance on effective cyber surveillance, secure software development, adversarial attack simulation
3 MAS also proposes to update the BCM Guidelines to raise standards for FIs in the development of business continuity plans that will better account for interdependencies across FIs’ operational units and linkages with external service providers. FIs are encouraged to put in place an independent audit programme to regularly review the effectiveness of their BCM efforts.
4 The two Guidelines continue to emphasise the importance of risk culture, and the roles of Board of Directors and senior management in technology risk and business continuity management.
5 Mr Tan Yeow Seng, Chief Cyber Security Officer, MAS, said, “A cyber-attack can result in a prolonged disruption of business activities. Threats are constantly present and evolving in sophistication. We cannot afford to be complacent. Financial institutions must therefore remain vigilant and have in place effective technology risk management practices and robust business continuity plans to ensure prompt and effective response and recovery."
6 The public consultation will run from 7 March to 8 April 2019. Copies of the public consultation papers are available on the MAS website: and . MAS welcomes feedback from FIs and other interested parties on the proposed changes to the Guidelines.
The TRM Guidelines were issued in 2013 to provide financial institutions with guidance on the oversight of technology risk management, security practices and controls to address technology risks.
The BCM Guidelines were first issued to the financial industry in June 2003, with a focus on the organisational response and recovery process to minimise the impact of business disruptions. Subsequently, an addendum was issued in January 2006 to provide further guidance on measures to mitigate the impact of influenza pandemic and security threats arising from terrorism.
The extent and degree to which an FI implements the Guidelines should be commensurate with the nature, size and complexity of its business operations.