As previously highlighted in an industry speech, the Central Bank of Ireland (the "Central Bank") has recently completed a thematic inspection on cybersecurity risk in the asset management sector. On 10 March 2020, the Central Bank issued an industry letter outlining key findings identified during the inspection process (the "Letter").

The Central Bank inspected four asset management firms with varying business models to determine the adequacy of cybersecurity controls and cybersecurity risk management practices of the inspected firms, and also to identify good practices and common issues in order to raise industry standards.

The Central Bank comments in the Letter that many of the weaknesses highlighted in the Central Bank’s 2016 Cybersecurity Guidance are still prevalent. It also comments that it is the responsibility of boards and senior management to ensure that cybersecurity is embedded in their firms and indicates that this should be achieved through a mixture of awareness, building and enhancing resilience capabilities, and displaying adequate governance and oversight of the firms’ cybersecurity risk profiles.

The Letter sets out a range of key findings and, in each case, a summary of the measures in the relevant area that the Central Bank expects firms to take.

Among the key findings is a statement that a firm's senior management "should ensure that there is a well-defined and comprehensive IT and cybersecurity risk management framework in place that provides effective oversight of IT related risks and gives assurance to the Board regarding the management of these risks within the firm."

There is also a comment that firms "must give more consideration and support to identifying and managing the different threats they are exposed to, whilst recognising that the inherent risks of IT are continuously increasing."

The Letter is required to be brought to the attention of all board members and senior management before 30 April 2020.

How the Maples Group can help

Maples can assist with the regulatory aspects of your cybersecurity risk management framework in a range of ways, including drafting or reviewing and enhancing a firm's cybersecurity risk management policy in line with the Central Bank's Cybersecurity Guidance and the key findings in the Letter.

Further Information

If you would like further information, please liaise with your usual Maples Group contact or any of the team below:

Print Ready Version

CONTACTS

bioImage

Peter Stapleton

Partner

+353 1 619 2024

bioImage

Stephen Carty

Partner

+353 1 619 2023

bioImage

Ian Conlon

Partner

+353 1 619 2714

bioImage

Ronan Cremin

Partner

+353 1 619 2756

bioImage

John Gallagher

Partner

+353 1 619 2073

bioImage

Philip Keegan

Partner

+353 1 619 2122

bioImage

Deirdre McIlvenna

Partner

+353 1 619 2064

bioImage

Aaron Mulcahy

Partner

+353 1 619 2104

bioImage

Eimear O'Dwyer

Partner

+353 1 619 2065

bioImage

Niamh O'Shea

Partner

+353 1 619 2722

bioImage

Emma Conaty

Head of Global Registration Services

+353 1 619 2708

bioImage

Adam Donoghue

Partner

+44 20 7466 1711

bioImage

Pádraig Brosnan

Partner

+1 345 814 5441

bioImage

Michelle Lloyd

Partner

+852 3690 7504

*
*
*
*


Please note that your email may be received and read by other Maples Group employees in addition to your intended recipient.

The use of this form does not create an attorney-client relationship and information submitted will not necessarily be treated as privileged or confidential, nor will it prevent us from accepting related instructions on behalf of others. Do not send us any information regarding any current or potential legal matters until your proposed engagement of us as legal counsel has been agreed and confirmed by us in writing.

*
*
*

Please note that your email may be received and read by other Maples Group employees in addition to your intended recipient.

Connect

Want to get in touch ?

Contact Us