ASIC warns AFSLs of cyber-attack risk
Australian Financial Services Licensees (AFSLs) are being urged to ensure they meet their cyber-security obligations following the release of the Australian Securities and Investments Commission's (ASIC's) Cyber resilience: Health Check report.
ASIC chairman, Greg Medcraft, warned AFSLs that cyber-attacks posed a "major risk" to the financial services sector.
"The electronic linkages within the financial system mean the impact of a cyber-attack can spread quickly—potentially affecting the integrity and efficiency of global markets, and trust and confidence in the financial system," he said.
"This report outlines some ‘health check prompts' to help businesses review their cyber resilience—including flagging relevant legal and compliance requirements, particularly on risk management and disclosure.
"We encourage businesses, particularly where their exposure to a cyber-attack may have a significant impact on financial consumers and investors or market integrity, to consider using the United States' NIST Cybersecurity Framework to manage their cyber risks or stocktake their risk management practices."
The report stated that AFSLs were required to "explicitly identify the risks" they face and have measures in place to mitigate or avoid those risks.
ASIC said it expected AFSLs to ensure their risk management systems will:
- be based on a structured and systematic process that takes into account your obligations under the Corporations Act;
- identify and evaluate risks faced by your business, focusing on risks that adversely affect consumers or market integrity (this includes risks of non-compliance with the financial services laws);
- establish and maintain controls designed to manage or mitigate those risks; and
- fully implement and monitor those controls to ensure they are effective.
Recommended for you
With the highest number of candidates in a year sitting the latest financial advice exam, a surge of new entrants are expected in the coming weeks, according to Wealth Data.
AMP has launched a range of five diversified index managed portfolios on its North investment platform, targeting a younger client demographic.
An NSW adviser, who advised over 120 clients after falsifying her financial advice exam results, has been permanently banned by ASIC.
ASIC has released the results from the latest financial adviser exam, the first to be run since changes to its structure earlier this year.