On 28 January 2021, the Malta Financial Services Authority issued the third volume of ‘The Nature and Art of Financial Supervision’ series, focusing on ICT Risk and Cybersecurity Supervision.
This document provides background on ICT risk and cybersecurity, including the applicable legal and regulatory framework, and the work of the MFSA’s Supervisory ICT Risk and Cybersecurity function. It highlights the main observations made by the function through supervisory interactions conducted over the past year, and clearly sets out the MFSA’s expectations. Moreover, the anticipated focus on the area in the upcoming year is also discussed, in view of supervisory ICT risk and cybersecurity being designated as an MFSA cross-sectoral priority for 2021. The Authority expects regulated entities to note the contents of this publication and to adopt recommendations or take corrective action where appropriate, in order to meet the Authority’s expectations.
MFSA CEO ad interim, Dr Christopher P. Buttigieg, commented that “ICT is crucial in all aspects of today’s world. The financial services sector is no exception. In 2020 the MFSA set up a cross-sectoral Supervisory ICT Risk and Cybersecurity function to address risks inherent to this area. Going forward, the Authority has designated ICT Risk and Cybersecurity as one of its priorities for 2021.” Alan Decelis, Deputy Head of the Authority’s ICT & Cybersecurity function stated that “We plan to continue building on the work carried out in 2019. In view of the ever-increasing dependency on ICT, an enhancement, in terms of breadth and depth of supervisory activities, is to be expected over the coming months”.
The document is publicly available on the MFSA website.