RSA CB, FSCA Cyber Joint Standard

Updated on: Jul 3, 2024

Latest Event

On Dec. 14, RSA CB, RSA FSCA consulted on revised joint standard.

  • RSA CB, RSA FSCA consulted on revised joint standard on minimum requirements for sound practices and processes of cybersecurity and cyber resilience.
  • Follows Dec. 2021, RSA CB, RSA FSCA issued draft joint cyber standard, see #124469.
  • Revised Joint Standard
  • Revised draft incorporates comments from consultation on first draft issued Dec. 2021.
  • Responsibility of governing body of financial institution to ensure that the financial institution meets the requirements set out in joint standard, on a continuous basis.
  • Joint standard addresses requirements relating to governance, cybersecurity strategy and framework, cybersecurity and cyber resilience fundamentals, cybersecurity hygiene practices, as well as notification and regulatory reporting related thereto.
  • Effectiveness
  • Comments must be submitted using template, Annexure E, by Feb. 28, 2023.
  • Dec. 2023 Parliamentary Submission
  • On Dec. 7, 2023, RSA FSCA issued communication on submission of joint standard on cybersecurity and cyber resilience requirements for financial firms, to Parliament.
  • Draft joint standard, supporting documents submitted to parliament on Nov. 30, 2023.
  • May 2024 Joint Standard Published
  • On May 17, 2024, RSA CB and RSA FSCA issued communication on publication of joint standard 2 of 2024 on cybersecurity cyber resilience, as well as consultation report.
  • Joint standard envisaged to commence on Jun. 1, 2025; joint standard will likely take effect after 12 months, authorities urge industry to prepare for its implementation.
  • Jun. 28, 2024 Effective Date
  • On Jun. 28, 2024, RSA CB and RSA FSCA issued joint communication to inform stakeholders about publication of Determination of the Effective Date of the Joint Standard 2 of 2024 - Cybersecurity and cyber resilience (joint notice).
  • Joint notice determines effective date of the joint standard as Jun. 1, 2025.
Regulators
RSA CB; RSA FSCA
Entity Types
Bank; BHC; CRA; Depo; Exch; IHC; Ins; Inv Co; OTC; Pension; SIFI
Reference
Com 5/2024, RN 1/2024, 6/28/2024; Com 2/2024, RN 2/2024, FS, 5/17/2024; Com 34/2023 12/7/2023; Com 4/2022, 12/14/2022; FS
Functions
BCS; Compliance; Cyber; Financial; Operations; Risk; Technology
Countries
South Africa
Category
State
N/A
Products
Banking; Fund Mgt; Insurance; Pensions; Securities
Rule Type
Final
Regions
EMEA
Rule Date
Dec 14, 2022
Effective Date
Jun 1, 2025
Rule ID
156779
Linked to
Rule :124469
Reg. Last Update
Jun 28, 2024
Report Section
International