On Jun. 22, LBN FSA drafted cyber risk management guidance.
LBN FSA drafted technology/cyber risk management for banks/(re)insurers guideline.
Aim at strengthening technology and cyber resilience against operational disruptions.
Drafted Guidelines
Apply to Labuan financial institutions (LFI) including banks, investment banks, Islamic banks, Islamic investment banks, insurers, reinsurers, takaful and retakaful operators.
Excluding Labuan captive business a well as Labuan captive takaful business.
Anyone who violate guidelines may be subject to penalty and/or enforcement actions.
Specify the minimum standards including technology and cyber governance, technology risk management, cyber-security management and cyber-incident alerts.
Technology operation management cover areas such as project management, system development, cryptography, management of information assets as well as data center.
Effectiveness
The draft guidelines do not include a deadline for submission of comments/feedback.
Expected to be effective from Jan. 1, 2025; LFIs may adopt prior to the effective date.
Jul. 2023 Consultation Period Closed
On Jul. 28, 2023, LBN FSA announced that the consultation period has closed.
Dec. 2023 Guidelines Published
On Dec. 6, 2023, LBN FSA published final guidelines on technology and cyber risk management for Labuan banking and insurance business and FAQ on the guidelines.
LBN FSA expects LFIs to adhere to the minimum standards set out in the guidelines.
The guidelines shall come into effect on Jan. 1, 2025, earlier adoption is encouraged.
