Brazil's National Monetary Council Issues New Rules On Cybersecurity Policies And Data Processing And Storage Requirements

Jones Day is a global law firm with more than 2,500 lawyers across five continents. The Firm is distinguished by a singular tradition of client service; the mutual commitment to, and the seamless collaboration of, a true partnership; formidable legal talent across multiple disciplines and jurisdictions; and shared professional values that focus on client needs.

Explore Firm Details

On April 26, 2018, Brazil's National Monetary Council issued Resolution 4,658, creating new rules on cybersecurity policies and requirements for data processing and storage.

Brazil Technology

Authors

On April 26, 2018, Brazil's National Monetary Council issued Resolution 4,658, creating new rules on cybersecurity policies and requirements for data processing and storage (source document in Portuguese). Per the Resolution, institutions authorized to operate by the Central Bank of Brazil must implement a cybersecurity policy in order to ensure confidentiality of data systems. In addition, the Resolution requires that institutions notify the Central Bank of third-party vendor contracts, regardless of the nationality of the corresponding service provider.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Authors

Daniel J. McLoon

Mauricio Paez

Richard Johnson

Jonathon Little

Todd McClelland

Jeff Rabkin

Lisa M. Ropple

Adam Salter

Michiru Takahashi

Undine Von Diemar

Olivier Haas