ASIC warns AFSLs of cyber-attack risk
Australian Financial Services Licensees (AFSLs) are being urged to ensure they meet their cyber-security obligations following the release of the Australian Securities and Investments Commission's (ASIC's) Cyber resilience: Health Check report.
ASIC chairman, Greg Medcraft, warned AFSLs that cyber-attacks posed a "major risk" to the financial services sector.
"The electronic linkages within the financial system mean the impact of a cyber-attack can spread quickly—potentially affecting the integrity and efficiency of global markets, and trust and confidence in the financial system," he said.
"This report outlines some ‘health check prompts' to help businesses review their cyber resilience—including flagging relevant legal and compliance requirements, particularly on risk management and disclosure.
"We encourage businesses, particularly where their exposure to a cyber-attack may have a significant impact on financial consumers and investors or market integrity, to consider using the United States' NIST Cybersecurity Framework to manage their cyber risks or stocktake their risk management practices."
The report stated that AFSLs were required to "explicitly identify the risks" they face and have measures in place to mitigate or avoid those risks.
ASIC said it expected AFSLs to ensure their risk management systems will:
- be based on a structured and systematic process that takes into account your obligations under the Corporations Act;
- identify and evaluate risks faced by your business, focusing on risks that adversely affect consumers or market integrity (this includes risks of non-compliance with the financial services laws);
- establish and maintain controls designed to manage or mitigate those risks; and
- fully implement and monitor those controls to ensure they are effective.
AUTHOR
Nicholas O'Donoghue
Recommended for you
Two law firms have highlighted licensees’ responsibility to ensure they have sufficient cyber security measures in light of the enforcement action against Fortnum Private Wealth.
A former director has pleaded guilty to providing financial product advice without holding an AFSL which saw almost $2 million transferred to him.
Commonwealth Private Limited, a subsidiary of Commonwealth Bank of Australia, has launched a wholesale offering with the help of JPMAM.
Shaw and Partners’ new national head of private wealth believes the biggest challenge for financial advisers right now is being able to deliver efficient advice delivery amid a complex regulatory environment and growing investment universe.
