Trade Associations Urge Chinese Authorities to Enhance IT Security Regulation in the Banking Sector

The Asia Securities Industry and Financial Markets Association ("ASIFMA") and other associations (collectively, the "associations") submitted comments to the China Banking Regulatory Commission on general principles for enhancing IT Security in the banking sector.

In their comments, the associations recommended:

  • Transparency and sufficient time for consultation with industry principals on proposed approaches in the policy-making process;
  • Flexible and adaptable policies that avoid a one-size-fits-all approach to "developing IT security guidelines in the banking sector";
  • A risk-based approach to checking entire systems for cyber threats in order to "foster a prudential regulatory framework that can be more efficient and more effective than focusing on individual functions or processes";
  • Reliance on global security standards based on industry consensus; and
  • Cooperative and market-based approaches that "achieve desirable outcomes" between regulators and banks.

The associations also listed global regulatory authorities that have "incorporated these principles in their domestic bank technology requirements." These included authorities in Canada, Germany, Hong Kong, Singapore, the United Kingdom and the United States.

Tags