Canada: Implemented OSFI Guideline B-13 on Technology and Cyber Risk Management

Compare with different regulatory event:

Description

Implemented OSFI Guideline B-13 on Technology and Cyber Risk Management

On 1 January 2024, Guideline B-13 on Technology and Cyber Risk Management issued by the Canadian Office of the Superintendent of Financial Institutions (OSFI) is implemented. Guideline B-13 sets out OSFI's requirements on how federally-regulated financial institutions should manage technology and cybersecurity, including risks such as data breaches. The Guideline outlines three main areas for risk management, namely governance and risk management, technology operations and resilience, and cyber security.

Original source

Scope

Policy Area

Data governance

Policy Instrument

Cybersecurity regulation

Regulated Economic Activity

digital payment provider (incl. cryptocurrencies), other service provider

Implementation Level

national

Government Branch

executive

Government Body

other regulatory body

Complete timeline of this policy change

Hide details

2020-09-15

in consultation

On 15 September 2020, the Canadian Office of the Superintendent of Financial Institutions (OSFI) pu…

2020-12-15

processing consultation

On 15 December 2020, the Canadian Office of the Superintendent of Financial Institutions (OSFI) clo…

2021-11-09

in consultation

On 9 November 2021, the Canadian Office of the Superintendent of Financial Institutions (OSFI) rele…

2022-02-09

processing consultation

On 9 February 2022, the Canadian Office of the Superintendent of Financial Institutions (OSFI) clos…

2022-07-13

adopted

On 13 July 2022, the Canadian Office of the Superintendent of Financial Institutions (OSFI) release…

2024-01-01

in force

On 1 January 2024, Guideline B-13 on Technology and Cyber Risk Management issued by the Canadian Of…