[author: Wayne Scott]
The Parliament of Singapore has passed new laws this month that will award the Monetary Authority of Singapore (MAS) with new powers to enforce technology risk management requirements for financial institutions.
Failure to comply with regulation could result in fines of up to $1 million – or even higher if several rules are broken, or if an incident impacts the financial institution’s customers or other partners, for example.
Singapore has been leading the way on promoting better operational resilience and third-party risk management in the financial services sector. The new laws follow the publication of new Technology Risk Management (TRM) guidelines last year, which required financial institutions to have risk mitigation and business continuity measures in place.
Regulating technology risk with escrow
Although not a new concept, it is vital that financial institutions consider the risks associated with increasing reliance on third-party software. The TRM guidelines lay out detailed steps financial institutions should take to mitigate the associated risk including specifically naming escrow agreements and verification testing as a viable…