ARTICLE
24 October 2016

European Banking Authority Draft Guidance On Information And Communication Technology Risk

AO
A&O Shearman

Contributor

A&O Shearman was formed in 2024 via the merger of two historic firms, Allen & Overy and Shearman & Sterling. With nearly 4,000 lawyers globally, we are equally fluent in English law, U.S. law and the laws of the world’s most dynamic markets. This combination creates a new kind of law firm, one built to achieve unparalleled outcomes for our clients on their most complex, multijurisdictional matters – everywhere in the world. A firm that advises at the forefront of the forces changing the current of global business and that is unrivalled in its global strength. Our clients benefit from the collective experience of teams who work with many of the world’s most influential companies and institutions, and have a history of precedent-setting innovations. Together our lawyers advise more than a third of NYSE-listed businesses, a fifth of the NASDAQ and a notable proportion of the London Stock Exchange, the Euronext, Euronext Paris and the Tokyo and Hong Kong Stock Exchanges.
On October 6, 2016, the European Banking Authority launched a consultation on the proposed Guidelines for the assessment of Information and Communication Technology risk under the Supervisory Review and Evaluation Process.
European Union Finance and Banking

On October 6, 2016, the European Banking Authority launched a consultation on the proposed Guidelines for the assessment of Information and Communication Technology risk under the Supervisory Review and Evaluation Process. The increasing complexity of ICT risk in the banking industry and the increasing potential adverse prudential impact such risks pose to individual firms and on the sector as a whole has led the EBA to propose the Guidelines. The purpose of the proposed Guidelines is to promote common procedures and methodologies for regulators throughout the EU when they are conducting supervisory assessments of a firm's governance and strategy on ICT and a firm's exposures and controls, as required by the Capital Requirements Directive. National regulators should apply the Guidelines to their assessment of firms proportionately, as set out in the EBA SREP guidelines. The proposed Guidelines should be read alongside the EBA SREP Guidelines. Responses to the consultation are due by January 6, 2017.

The draft Guidelines are available at: http://www.eba.europa.eu/documents/10180/1608089/Consultation+Paper+on+Guidelines+on+ICT+Risk+Assessment+under+the+SREP.pdf  and the EBA SREP Guidelines are available at: https://www.eba.europa.eu/regulation-andpolicy/supervisory-review-and-evaluation-srep-and-pillar-2/guidelines-for-common-procedures-and-methodologies-forthe-supervisory-review-and-evaluation-process-srep- .

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More