Singaporean regulator reiterates concerns about cyber security of financial institutions

Maria Nikolova

Financial services providers are encouraged to implement measures to secure data stored on the cloud and their network connections to the cloud service provider.

The Cyber Security Advisory Panel (CSAP) of the Monetary Authority of Singapore (MAS) has reiterated concerns about cyber resilience of financial services providers and has made clear some expectations that it has about these companies with regard to their cyber security.

Singapore’s financial institutions (FIs) are increasingly using public cloud services for cost savings, system scalability, and speed to market. CSAP members suggest that small and medium sized FIs, given their limited resources and capabilities, can improve their cybersecurity by using reputable cloud solution providers that have strong cybersecurity capabilities. There is no clarification, however, on how a small financial business can actually afford itself to use the services of reputable cloud solution provider.

CSAP members also acknowledge there are concentration risks stemming from a growing number of financial services relying on a limited pool of cloud service providers. For that matter, FIs are expected to implement measures to secure data stored on the cloud and their network connections to the cloud service provider. Members also said that cloud service providers should provide greater transparency to their customers on how they implement security measures to protect their systems and information.

FIs are actively making their APIs available to third parties such as service providers and business partners to enrich the quality and customization of their financial services. As APIs expose FIs to higher risks of cyber threat, CSAP members proposed measures which FIs may adopt when embarking on their open API journey. These measures include performing risk assessment of the third parties using their APIs and monitoring activities related to API services for suspicious events.

Talking of cyber security, let’s recall that last month MAS opened consultation on measures to strengthen cyber resilience of financial institutions. There are still a couple of days left to submit comments on the proposals.

Under the proposals, FIs will be required to implement six cyber security measures:

  • address system security flaws in a timely manner;
  • establish and implement robust security for systems;
  • deploy security devices to secure system connections;
  • install anti-virus software to mitigate the risk of malware infection;
  • restrict the use of system administrator accounts that can modify system configurations; and
  • strengthen user authentication for system administrator accounts on critical systems.

The consultation closes on October 5, 2018.

Read this next

Retail FX

Investors from Cyprus and Dubai acquire ‘significant stake’ in M4Markets

Seychelles-regulated brokerage firm M4Markets firm has picked up some investment from Cyprus and Dubai based investors in a new funding round that it will be using to grow its business.

Executive Moves

UAE broker Amana elevates Amr Masry to sales director

Amr Masry has been promoted to a new senior role at Amana Capital, becoming the group’s newest Sales Director, following a successful tenure with the UAE-based FX and CFDs broker.

Executive Moves

TopFX promotes Omar Al-Janabi to head of sales and business development

Prime brokerage firm TopFX has strengthened its Middle East operations with the promotion of Omar Al-Janabi, who is taking on an expanded role as global head of sales and business development.

Retail FX

Plus500 says 2022 revenue to be ‘significantly’ ahead of analysts’ estimates

Israeli-based, but London-stock market listed Plus500 said it expects annual revenue and earnings to be ahead of analysts’ estimates even as trading levels normalised from record volumes in the first quarter.

Digital Assets

Crypto derivatives giant BitMEX launches spot market

Crypto exchange BitMEX is looking to branch out of its singular focus on crypto derivatives with a suite of new product offerings. Although derivatives are to remain at the heart of BitMEX’s business, the popular platform will add spot crypto trading as it aims to aggressively grow their user base.

Uncategorized

PrimeXM reports mixed trading volumes for April

PrimeXM has reported weaker trading volumes for April 2022, in line with other institutional and retail platforms that saw the activity of their clients dropped compared to a month earlier.

Digital Assets

DLT Finance approved by BaFin to support brokerage and custody of digital assets

DLT Finance is already partnered with big names within the digital asset space, including Kraken, Bitstamp, B2C2, and Bittrex.

Institutional FX

LUKB taps vestr to launch actively managed products, AMCs

The partnership with vestr goes to show the growing importance of digitising the active investment management space.

Digital Assets

Jewel taps Tokeny to launch stablecoin-as-a-service solution on Polygon

Jewel aims to offer a stablecoin-as-a-service solution to other digital asset and financial institutions B2B, allowing those businesses to provide cheaper, easier and near real time payments with stablecoins issued and redeemable directly at the bank level at Jewel.

<