Guidelines on Risk Management Practices – Technology Risk
Risk management principles and best practice standards to guide financial institutions in managing technology risk.
Notices
Notice CMG-N02 Technology Risk Management
Requirements on technology risk management for capital markets entities.
Issued pursuant to:
Securities and Futures Act (Cap. 289) section 46 , section 46ZK , section 81R , section 101 and section 293 .
Applies to:
Approved CIS Trustee
,
Dealing in Capital Markets Products
,
Product Financing
,
Providing Custodial Services
,
Licensed Fund Management Company
,
Venture Capital Fund Management Company
,
Corporate Finance Advisory
,
REIT Management
,
Credit Rating Agency
,
Securities Crowdfunding
,
Markets and Exchanges
,
Clearing House
,
Trade Repository
,
Benchmark Administrator/Submitter
,
Central Securities Depository
This notice applies to the following capital markets entities in Singapore:
- Approved exchanges.
- Licensed trade repositories.
- Approved clearing houses.
- Recognised clearing house operators which are incorporated in Singapore.
- Holders of a capital markets services licence.
- Recognised market operators which are incorporated in Singapore.
- Approved trustees.
It sets out requirements for a high level of reliability, availability and recoverability of critical IT systems and for service providers to implement IT controls to protect customer information from unauthorised access or disclosure.
See also:
Amendment Notes
- 03 Oct 2018
- Notice CMG-N02 (Amendment) 2018 (414.7 KB) dated 03 Oct 2018 takes effect.
- 01 Jul 2014
- Notice CMG-N02 (Amendment) 2014 (91.2 KB)dated 06 Mar 2014 takes effect.
- 21 Jun 2013
- Notice CMG-N02 takes affect.