EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients.
Select your location
Local sites
Enhancing cybersecurity posture in the financial industry
In November 2024, Bank Negara Malaysia (BNM) issued an exposure draft of the Risk Management in Technology (RMiT) policy document for public feedback. The exposure draft raises the bar by outlining new requirements on financial institutions’ (FIs) management of technology risks. These requirements aim to further upgrade the resilience of financial services and enhance system-wide cyber defense.
This policy revision enhances supervisory review processes for emerging technologies to better facilitate digitalization of the financial system in Malaysia. The proposed additions may affect FIs that need to adjust to the increased burden of compliance.
In an industry where the threat landscape is constantly expanding, raising the risk of security breaches, regulations and compliance should not merely be a check list. Instead, these requirements should act as a reference guide that helps organizations continuously enhance their security posture and safeguard their operations.