This browser is not actively supported anymore. For the best passle experience, we strongly recommend you upgrade your browser.
Welcome to Reed Smith's viewpoints — timely commentary from our lawyers on topics relevant to your business and wider industry. Browse to see the latest news and subscribe to receive updates on topics that matter to you, directly to your mailbox.
| less than a minute read

EBA publishes final Guidelines on ICT and security risk management

This is the EBA's version of Cyber security requirements.  They go beyond protecting against just cyber attacks but also cover the risks arising from IT failures.  

Many financial organisations rely on third party technology suppliers to provide their technical solutions, in some cases on an outsourcing basis.  

These rules should therefore be read in conjunction with the EBA Outsourcing Guidelines, accessible here:

The increasing digitalisation in the financial sector and the growing interconnectedness across financial institutions and third parties make financial institutions’ operations vulnerable to internal and external ICT and security risks that can potentially compromise their viability. As a result, sound ICT and security risk management are key for a financial institution to achieve its strategic, corporate, operational and reputational objectives.


fintech, bankingtechnolgy