Requirements on technology risk management for operators and settlement institutions of designated payment systems and holders of payment services licence (digital payment token service).
This Notice sets out requirements for a high level of reliability, availability and recoverability of critical IT systems and to implement IT controls to protect customer information from unauthorised access or disclosure.