MR No. 2022 – 17
The Financial Markets Authority (FMA) - Te Mana Tātai Hokohoko has published an information sheet to help financial services firms enhance the resilience of their technology and operational systems, and meet any relevant licence obligations.
The information sheet notes financial services are a popular target for cyber criminals – the sector recorded the highest number of reported incidents across all other industries in New Zealand for the quarter ended March 2022.
The FMA says there appear to be shortcomings in the cyber resilience and operational systems among entities it licenses, including underinvestment in technology and the use of unsupported or legacy systems.
All entities licensed by the FMA must meet the following obligations:
Financial advice providers have specific obligations for business continuity and technology systems.
In 2019, the FMA published a thematic review of cyber resilience in FMA-regulated entities, which highlighted the regulator’s expectations around cyber and operational resilience.