The proposed guidelines are intended to help brokers better protect their clients’ personal data
In a bid to stem the growing threat of cybercrime, the Mortgage Broker Regulators’ Council of Canada has announced that it has published its draft cybersecurity preparedness guidance for consultation.
Available at the council’s online portal, the document provides guidelines “intended to help mortgage brokers better protect their clients’ digital information,” MBRCC said.
“Cyber threats present a significant and growing risk to the mortgage brokering sector,” the group added. “The increase in online communications and the use of technology in mortgage services offer advantages along with a responsibility to proactively manage new risks.”
Read more: Data breach attempts on Canadian organizations intensify
Chief among a broker’s cybersecurity responsibilities is ensuring accountability for consumer data.
“Responsibility for complying with safe cybersecurity practices applies to all people in an organization, even if they do not have oversight roles,” MBRCC explained. “Entities should invest and assign all the resources needed to develop and maintain effective cybersecurity safeguards to protect client information, particularly personal information.”
“Regulated entities are responsible for protecting their clients’ information against cyber incidents by ensuring that their third-party service providers have cybersecurity preparedness practices in place,” the group said. “The mortgage brokering sector works within a network of providers; more complex and extensive networks increase cybersecurity risk. Careful relationship management is important to minimize vulnerabilities and to help ensure the protection of client information.”
MBRCC said that its consultation period for the draft is scheduled to close on May 02. The group is inviting interested parties to submit their feedback to [email protected].