FMA Releases Cyber Resilience Info Sheet For Financial Advice Providers

Published: Thu 29 Jul 2021 09:02 AM
The Financial Markets Authority (FMA) - Te Mana Tātai Hokohoko - has today published an information sheet containing principles and resources to help licensed financial advice providers develop their cyber resilience.
Financial advice provider licensing was introduced in March 2021 as part of the new regime for regulating financial advice under the Financial Markets Conduct Act 2013 (as amended by the Financial Services Legislation Amendment Act 2019).
The standard conditions for full financial advice providers licences include a requirement to have and maintain a business continuity plan that includes procedures for responding to, and recovering from, events that impact on cybersecurity and continuity (condition 5).
Additionally, the new Code of Professional Conduct for Financial Advice Services requires providers to ensure that client information is protected against loss and unauthorised access, use, modification or disclosure.
FMA Director of Supervision James Greig said: “Within this newly-licensed population are many individuals and entities who have not previously been subject to compliance obligations for cybersecurity, including many small or single-adviser businesses. Although the information sheet is specifically for financial advice providers, cyber resilience is of critical importance to all licensed entities.
“Given the increasing sophistication and frequency of hacking and data-breaches reported in New Zealand, and the sensitive nature of information that may be held by financial markets participants, it is essential that all licensees give high priority to their cyber resilience capabilities. This includes ensuring that cyber security processes remain robust and appropriate for the cyber-related risks faced by the licensee.”
The FMA’s guidance outlines key areas for all licensees to focus on to build and maintain the security and resilience of their technology systems.
However, it is up to licensees to design their own policies, processes and controls to suit the nature and scale of their individual business, Mr Greig said.
“Cyber resilience will be a key focus of our monitoring reviews of all market participants. Licensees will need to demonstrate not only that they have policies and systems in place, but also that these are widely understood and integrated into their business,” he said.
In 2019 the FMA conducted a thematic review of market participants’ cyber resilience. The report provided guidance for firms in areas where the FMA identified the need for improvement.

Next in Business, Science, and Tech

Auckland’s Population Falls For The First Time
By: statisitics new
Third Snapshot Report Reveals $9.5 Billion Business Investment In Climate Action
By: BusinessNZ
The home printer market is broken
By: Digitl
Some Good News For Retail In COVID Announcements, But Firm Dates Needed
By: Retail NZ
Companies In Hot Water For Selling Unsafe Hot Water Bottles And Toys
By: Commerce Commission
Robust Balance Sheets Yield Faster Economic Recovery
By: The Reserve Bank of New Zealand
View as: DESKTOP | MOBILE © Scoop Media