The Securities Commission Malaysia issued the Guidelines on Technology Risk Management, aiming to promote robust and sound technology risk management practices among capital market entities.
The Guidelines sets out the commission’s expectations on capital market entities when they manage their technology risk. In formulating the Guidelines, the SC has taken into account feedback received from the Public Consultation Paper on The Proposed Regulatory Framework on Technology Risk Management, which was published last year.
Among the requirements set out in the Guidelines include the establishment and implementation of an effective technology risk framework, technology project management, technology service provider management, and cyber security management
by capital market entities. The Guidelines will be applicable to all capital market entities licensed, registered, approved, recognised or authorised by the SC.
To allow sufficient time for capital market entities to familiarise themselves and meet the requirements of the Guidelines, the Guidelines are expected to come into effect in Q3 2024. The SC will be engaging with related capital market entities to provide guidance, where required, on the requirements of the Guidelines.
