Financial institutions in Canada will need to report cybersecurity incidents that significantly affect operations or external customers to a federal regulator starting March 31.
Canada’s Office of the Superintendent of Financial Institutions (OSFI) Jan. 24 released an advisory for federally regulated banks, insurers, and other financial institutions outlining new expectations for reporting tech and cybersecurity incidents. The advisory overrules any existing incident reporting instructions, the agency said in a statement.
The OSFI, a federal agency that regulates Canada’s financial institutions, describes a technology or cybersecurity incident as one that may “materially impact the normal operations” of the institution. Incidents that ...
Learn more about Bloomberg Law or Log In to keep reading:
See Breaking News in Context
Bloomberg Law provides trusted coverage of current events enhanced with legal analysis.
Already a subscriber?
Log in to keep reading or access research tools and resources.