UK: FCA addresses compliance with EBA Guidelines
The Financial Conduct Authority ('FCA') announced, on 25 June 2020, that it had notified the European Banking Authority ('EBA') that it intends to comply with its Guidelines on ICT and Security Risk Management ('the Guidelines'), which come into force from 30 June 2020. In particular, the FCA outlined that all credit institutions, investment firms, and payment services providers ('PSPs') will be expected to make every effort to comply from the enforcement date. Furthermore, the FCA highlighted that, given the ongoing COVID-19 ('Coronavirus') pandemic, it will apply reasonable supervisory flexibility when assessing the implementation of the Guidelines, encouraging firms to focus on provisions relating to information security, ICT operations, and business continuity. In addition, the FCA added that it is currently consulting on new requirements for operational resilience, which it expects will be published in the first quarter of 2021.
You can read the press release here.