Securities Commission issues guidelines on technology risk management for capital market entities

KUALA LUMPUR, Aug 1 — The Securities Commission Malaysia (SC) has issued guidelines on technology risk management, which aims to promote robust and sound technology risk management practices among capital market entities.

In a statement today, it said the guidelines also set out the SC’s expectations on capital market entities when they manage their technology risk.

“In formulating the guidelines, the SC has taken into account feedback received from the public consultation paper on the proposed regulatory framework on technology risk management, which was published last year.

“The requirements set out in the guidelines include the establishment and implementation of an effective technology risk framework, technology project management, technology service provider management and cyber security management by capital market entities,” it said.

SC said the guidelines will be applicable to all capital market entities licenced, registered, approved, recognised or authorised by the SC.

It added that the guidelines are expected to come into effect in the third quarter of 2024 to give sufficient time for capital market entities to familiarise themselves and meet the requirements.

Those who wish for more information on the guidelines may email [email protected], and the guidelines are now available on the SC website at https://www.sc.com.my/regulation/guidelines/cyber-risk-and-technology-risk. — Bernama