Argentina: Implemented Communication 7724 outlining minimum requirements for the management and control of technology and information security risks

On 6 September 2023, Communication 7724 by the Argentine Central Bank (ACB), outlining minimum requirements for the management and control of technology and information security risks for financial institutions, was implemented. The regulated entities must implement governance programs that include risk management, internal policies, continuous evaluation, internal training, and proper documentation of data and security incidents. Furthermore, financial institutions must create a department or role for managing the information technology systems and security risks, classify data and information based on criteria such as confidentiality, and develop cyber incident management policies with designated points of contact for reporting incidents and mitigating their impact. Finally, the entities are required to implement processes for managing technological infrastructure updates and online security processes and adopt measures to detect and remove unauthorized profiles on social media and e-commerce platforms.