Compare with different regulatory event:
On 3 July 2023, the Reserve Bank of New Zealand closed the consultation on the Cyber Resilience Regulation in the financial sector. The consultation aims to improve the collection of cyber-related information by requiring entities, such as registered banks, deposit takers, and insurers, to report material cyber incidents to the Reserve Bank as soon as practicable but within 72 hours. Entities are also required to report all cyber incidents to the Reserve Bank, regardless of materiality, with large entities required to report all cyber incidents every six months and other entities annually. In addition, regulated entities are required to conduct a cyber resilience survey. In particular, the regulation requires entities to report to the Reserve Bank on their self-assessment against the Bank's cyber resilience guidance, with large entities required to report annually and other entities every two years. The consultation is part of a three-step approach to support building cyber resilience in regulated entities, to promote a sound and dynamic financial system.
Original source