Interested parties can send their feedback until July 3
The Reserve Bank of New Zealand is seeking feedback on proposals for collecting financial entity related data to support cyber resilience.
In a bid to improve its understanding of cyber risks and resilience in the financial sector, RBNZ is proposing the collection of data in these three areas:
- a material cyber incident reporting requirement that mandates regulated entities to report all material cyber incidents to the central bank within 72 hours after detection
- reporting of all cyber incidents, regardless of materiality, on a periodic basis
- a periodic survey on the cyber resilience of regulated entities based on the Reserve Bank’s cyber resilience guidance
“Collection of this information will improve our understanding of cyber resilience in the financial sector,” Kate Le Quesne (pictured above), director of prudential policy. “It will also support industry engagement by sharing insights and ultimately enable better responses to cyber incidents.”
The Reserve Bank is working closely with the Financial Markets Authority on cyber data collection.
“We propose that our material incident reporting template can be used for reporting to both entities and that information gathered from the proposals will be shared,” RBNZ said in a statement. “This would provide a joined-up approach across regulators and minimise regulatory burden for our regulated entities.”
On May 1, 2021, RBNZ and FMA published guidance that sets their expectations on how the regulated entities can build cyber resilience to help promote a sound and dynamic financial system.
Click here for more information about the Cyber resilience data collection.
Consultations close on July 3 at 5pm.
Use the comment section below to tell us how you felt about this.