MFSA sets out its ICT & Security Risk Management Expectations
JUNE 30, 2020

The Malta Financial Services Authority (MFSA) has released principle-based cross-sectoral guidelines for public consultation, in the areas of Technology Arrangements, ICT and Security Risk Management, and Outsourcing, setting out the Authority’s expectations.

The Guidance document, titled Guidance on Technology Arrangements, ICT and Security Risk Management, and Outsourcing Arrangements, looks at technology as a mission-critical component, an innovation enabler and a major determinant for operational efficiency and highlights the importance of resilience and regulatory compliance. It draws from, and references, several sources, primarily European Supervisory Authorities’ (ESA) Guidelines, International Standards and established Frameworks applicable to the use and application of technology arrangements within the financial services industry.

“The MFSA’s Guidance document is in line with the evolving direction provided by the ESAs and international best practices in this field. The MFSA’s objective is to ensure that all licensed entities place ICT & Cybersecurity risk at the top of their strategic agenda in order to address inherent technology risks and ensure a safe environment across the financial services sector,” commented the MFSA’s Chief of Supervision, Christopher Buttigieg.

Public consultation is open until Friday 28 August 2020 and interested parties are invited to send their feedback , ask questions and/or make any suggestions concerning the Guidelines, as applicable, to [email protected].