Our company Our leadership Our values Events News Contact Us

Careers overview Current vacancieshiring Early Careers Benefits

Blogs Case studies Webinars White papers

Contact sales

Your priorities
The Platform
our solutions
- Audit & risk Audit and risk
  External Audit
  Improve the accuracy and efficiency of audits and build trust with clients.
  
  Internal Audit
  Gain total oversight and control of internal audit activity.
  
  Risk Management
  Centralize data for a holistic and strategic view of risk.
  
  Audit and risk solutions
  Audit and risk solutions that help you protect your business, engage with clients and have more strategic influence.
  Latest Gartner® Market Guide for EHS Software
  Download now
- DOCUMENT COLLABORATION DOCUMENT COLLABORATION
  Huddle
  Flexible and highly secure document collaboration for regulated industries.
  
  Mail Manager
  Email add-in for Outlook to boost productivity and improve document management.
  
  OnePlace Solutions
  Connect, simplify and personalize business systems built on Microsoft 365
  
  PleaseReview
  Real-time document review, co-authoring and redaction for regulated industries.
  
  Document collaboration solutions
  Bring teams and customers together with our document collaboration solutions to securely manage emails and documents.
  Latest Gartner® Market Guide for EHS Software
  Download now
- E-Learning and Content E-Learning & Content
  CompliSpace
  Policy, learning and assurance management to meet GRC obligations.
  
  WorkRite
  Workplace training and e-learning management system to meet regulatory requirements.
  
  E-learning and content solutions
  Meet regulatory requirements, bring policies to life, and keep employees safe with e-learning and content solutions.
  Latest Gartner® Market Guide for EHS Software
  Download now
- Environmental, Health and Safety Environmental, Health & Safety
  Coruson
  Aviation safety management for complete control and reporting of operational risk.
  
  EHS
  A unified EHS solution enabling employees to report incidents, identify risks in real-time and automate safety.
  
  Maritime safety
  A wealth of experience and expertly crafted product suites tailored to ensure safety in the maritime industry.
  
  Environmental, health and safety solutions
  Improve safety, reduce risk and enhance environmental, health and safety performance across your business.
  Latest Gartner® Market Guide for EHS Software
  Download now
- quality quality
  Quality Control
  Automate quality inspections and documentation to satisfy regulators and customers.
  
  Quality Management
  Digitalize your quality management processes for complete organizational insight.
  
  Smartforms
  Improve mobile incident and event reporting for real-time situational awareness.
  
  Supplier Management
  Gain real-time visibility over your supply chain, simplify compliance and protect your brand.
  
  Quality solutions
  QMS solutions to help take control and ensure quality in every step of the process to unlock your full potential.
  Latest Gartner® Market Guide for EHS Software
  Download now
- A-Z Products

Our company Our leadership Our values Events News Contact Us

Careers overview Current vacancieshiring Early Careers Benefits

Blogs Case studies Webinars White papers

Contact Sales

Contact sales

2024 Resilience nation report • Download now

Home
Thought Leadership
Blog
Singapore tightens MAS technology risk management guidelines

Singapore tightens MAS technology risk management guidelines following cyber security attacks

Why have the MAS TRM guidelines been revised?

Regulated financial and insurance firms have seen an increased reliance on digital technologies in order to deal with the pandemic, improve operational efficiency and deliver better and more convenient customer services. However, this reliance has led to a more accessible platform for cyber criminals to target.

The new compliance procedures can also be seen as timely and crucial when it comes to nationwide digitalisation, an advance in intelligent cyber criminals and the latest cyber-attacks to supply chains, where established network management software became a victim.

How will the new MAS technology risk management guidelines affect Financial institutions?

Financial institutions in Singapore must now adhere to further compliance measures when managing their IT infrastructure and vendors in order to mitigate any posing cyber threats.

The new regulations are a way to protect data confidentiality and impose much-needed supervision of partnerships with third-party service providers.

The amended guidelines introduce MAS’s sharper expectations for financial institutions’ cyber risk management standards and practices. Some of the revised regulations are as follows:

Expanded responsibilities for the board of directors and senior management

The Board of Directors and senior management of financial institutes now have a considerably larger responsibility for managing technology risk and cyber security attacks.

Firms have been advised to appoint a Chief Information Officer and a Chief Information Security Officer with the right expertise to oversee and manage the FI’s technology and cyber risks.

The board of directors must approve the risk appetite and risk tolerance statement and ensure crucial IT decisions are made in agreement with the FI’s risk appetite.

Risk management for new technologies

The guidelines now include more stringent requirements for advanced technologies, such as third-party access of APIs (application programming interface), virtualisation of machines and Internet of Things devices.

Before facilitating any third parties to access APIs, financial institutions must implement an array of security measures, such as establishing security standards for designing and developing secure APIs and performing robust security screening.

Cyber security operations

Financial institutions must now provide specific information on how they are mitigating cyber security risks. Firms must take a proactive approach to digitally defending their data.

The guidelines recommend that corporations should obtain cyber intelligence monitoring services and establish a cyber incident response and management plan to isolate current cyber threats and mitigate any future ones.

Firms should review and update their existing processes, evaluating the types of technologies they implement and assessing whether more stringent security measures are needed, whilst reporting and sharing any findings within the financial ecosystem.

The MAS said in a statement that the new amendments are expected to help businesses to persevere with the ever-advancing technologies as well as changes in the existing cybersecurity threat landscape. MAS expects all financial institutions to take steps to guarantee that their business operations comply with the 2021 Guidelines.

In response to complying with the new MAS technology risk management guidelines, your company may need to implement a systematic and evidential approach to accountability and competency, which can be a daunting process. Pentana Compliance gives your business all the tools you need to facilitate effective regulatory compliance, allowing firms to streamline business processes and provides regulators and stakeholders complete assurance that every aspect of people and process regulation is addressed.

CONNECT WITH US

Solutions

AUDIT & RISK
External Audit
Internal Audit
Risk Management

DOCUMENT COLLABORATION
Huddle
Mail Manager
OnePlace Solutions
PleaseReview

E-LEARNING & CONTENT
CompliSpace
WorkRite

ENVIRONMENTAL, HEALTH & SAFETY
Coruson
EHS
Maritime Safety

QUALITY
Quality Control
Quality Management
Smartforms
Supplier Management

USEFUL LINKS

Sustainability report

CONNECT WITH US

Privacy policy Terms of use Data protection policy Environmental policy Sexual harassment policy Slavery and human trafficking statement