Notices
Notice CMG-N02 Technology Risk Management
Requirements on technology risk management for capital markets entities.
Issued pursuant to:
Securities and Futures Act (Cap. 289) section 46 , section 46ZK , section 81R , section 101 and section 293 .
Applies to:
Approved CIS Trustee
,
Dealing in Capital Markets Products
,
Product Financing
,
Providing Custodial Services
,
Licensed Fund Management Company
,
Venture Capital Fund Management Company
,
Corporate Finance Advisory
,
REIT Management
,
Credit Rating Agency
,
Securities Crowdfunding
,
Markets and Exchanges
,
Clearing House
,
Trade Repository
,
Benchmark Administrator/Submitter
,
Central Securities Depository
This notice applies to the following capital markets entities in Singapore:
- Approved exchanges.
- Licensed trade repositories.
- Approved clearing houses.
- Recognised clearing house operators which are incorporated in Singapore.
- Holders of a capital markets services licence.
- Recognised market operators which are incorporated in Singapore.
- Approved trustees.
It sets out requirements for a high level of reliability, availability and recoverability of critical IT systems and for service providers to implement IT controls to protect customer information from unauthorised access or disclosure.
See also:
Amendment Notes
- 03 Oct 2018
- Notice CMG-N02 (Amendment) 2018 (414.7 KB) dated 03 Oct 2018 takes effect.
- 01 Jul 2014
- Notice CMG-N02 (Amendment) 2014 (91.2 KB)dated 06 Mar 2014 takes effect.
- 21 Jun 2013
- Notice CMG-N02 takes affect.
Related to this Notice
-
Forms and TemplatesLast Revised Date: 02 October 2023
Incident Reporting Template
Template for financial institutions to report incidents to MAS, including incidents relating to IT systems, cyber attacks, information loss and liquidity.
-
FAQsLast Revised Date: 05 May 2023
FAQs - Notice on Technology Risk Management
Frequently asked questions about the Notice on Technology Risk Management.
-
GuidelinesPublished Date: 18 January 2021
Guidelines on Risk Management Practices – Technology Risk
Risk management principles and best practice standards to guide financial institutions in managing technology risk.
-
NoticesLast Revised Date: 05 October 2018
Notice CMG-N01 on Reporting of Suspicious Activities and Incidents of Fraud
When to report suspicious activities and incidents of fraud.
-
Forms and TemplatesPublished Date: 21 June 2013
Instructions on Incident Notification and Reporting to MAS
Provides guidance to financial institutions on the notification and reporting of incidents to MAS.