Office of the Superintendent of Financial Institutions
On September 15, 2020, OSFI released
Developing financial sector resilience in a digital world (Discussion Paper). OSFI sought feedback on a range of technology-related risk areas, with a focus on cyber security, advanced analytics, and the technology third party ecosystem.
In response to the consultation, which closed on December 15, 2020, OSFI received over 50 submissions from a diverse group of respondents including federally regulated financial institutions (FRFIs), industry associations, technology companies and consulting firms.
There was broad support for OSFI’s emerging principles-based and technology-neutral perspectives on technology risk management, as presented in the Discussion Paper. Respondents indicated that OSFI should first leverage its existing guidance, and align any additional guidance with existing international and IT standards. The attached Annex provides a brief summary of responses to the consultation.
In light of respondent feedback, OSFI plans to release draft guidance as per the schedule below by quarter and year. The timelines indicated below are reflective of the current OSFI strategic plans. Plans may be subject to change or amended due to external factors.
Respondents will have additional opportunities to provide feedback on specific OSFI proposals prior to the issuance of any final guidance.
More information is available in OSFI’s Near-Term Plan of Prudential Policy.