With significant transformations in the financial sector in recent years, The FSM Bill 2022 aims to enhance MAS’ ability to effectively manage the risks and challenges that impact financial institutions (FI). The bill provides MAS with broader powers to impose Technology Risk Management (TRM) requirements on any FI, with the intention to underscore the critical importance of TRM to the FI’s operations and system(s).

The Monetary Authority of Singapore (“MAS”) introduced a new Financial Services & Markets (“FSM”) Bill 2022 to parliament on 14 February, which is designed to complement and enhance its agility and effectiveness in addressing financial sector-wide risks. On Tuesday April 5, the new Bill was passed.

1. Requirement for Technology Risk Management 

 

The Bill consolidates existing TRM requirements made under various MAS-administered Acts by introducing powers within the FSM Bill that apply to any Financial Institute (FI) or class of Financial Institutes, thus enabling MAS to impose requirements in TRM. On 18 January 2021, the MAS released the revised TRM guidelines addressing the cyber concerns of FIs considering the growing usage of cloud technologies, application programming interfaces, rapid software development, and increasing reliance on third-party vendors.

2. How Does the Bill Affect Financial Institutions

 

With the passing of the FSM Bill, the maximum penalty for each breach of a TRM requirement will be raised to $1 million per breach. An FI could face a much higher than $1 million financial penalty for a serious cyberattack or disruption to essential financial service where multiple breaches of TRM requirements are established (e.g., ATM network disruption, online trading disruption).

3. Current Technological Issues Faced by Financial Institutes

 

  • Cultural Shift - Due to the cultural shift toward a technology-first attitude, FIs must promote a culture of innovation to tackle the financial industry changes and challenges.
  • Rising Expectations - A change in customer demographics that are more tech-savvy plays a big part in heightened expectations of meeting the needs of today’s consumers.
  • Security Incidents - With the prevalence of technology adoption and reliance, there is an increase in cases of security breaches and incidents.

4. How Can RSM Help

 

Over the years, RSM Technology Consulting team has built up a substantial portfolio of TRM audits for our clients, seeking to achieve or maintain the assurance given to their customers. Besides TRM audits, RSM also provide other services such as ABS OSPAR and ISO 27001 compliance reviews, IT General Controls Audits, Personal Data Protection Services, security awareness trainings and Cybersecurity workshops.

 

For further information or assistance, please contact:

Adrian Tan 
Partner & Industry Lead, Technology, Media & Telecommunications 
T: +65 6594 7876 
[email protected]

Hoi Wai Khin, Partner & Deputy Industry Lead, Technology, Media & Telecommunications Practice
T +65 6594 7880
[email protected]