SBP issues draft guidelines for IT governance in banks
KARACHI: The State Bank of Pakistan (SBP) has framed draft guidelines for the financial institutions to manage risks associated with the use of information technology that is based on international standards for technology governance, the central bank said on Tuesday.
The SBP issued draft guidelines, recommending ways to enhance technology, security, operations, audit and related domains and to create overall safe and secure technology operations in banks.
“The SBP has developed the framework on information technology governance and risk management in financial institutions to keep abreast with the aggressive and widespread adoption of technology in the financial service industry and consequently strengthen existing regulatory framework for IT risk supervision,” it said.
“This framework shall be integrated with the financial institutions' overall enterprise risk management programme.” The banks are expected to assess and conduct a gap analysis between their current status and the guidelines and draw a time-bound action plan to address the gaps and comply with the guidelines.
The central bank also said that financial institutions will exercise sound judgement in determining applicable provisions relevant to their risk profile. The SBP asked all banks to upgrade their systems, controls and procedures to ensure compliance with these instructions latest by December 31, 2017.
The framework is based on international standards and recognised principles of international practice for technology governance and risk management and shall serve as SBP's baseline requirement for all banks.
The framework will apply to all financial institutions, which includes commercial banks (public and private sector banks), Islamic banks, Development Finance Institutions (DFIs), and Microfinance Banks (MFBs).
The financial institutions will ensure compliance with this framework, while introducing new products either all by themselves; or in the form of co-branding or in partnership with other entities.
The framework is not "one-size-fits-all" and implementation of the same need to be risk-based and commensurate with size, nature and types of products and services and complexity of IT operations of the individual financial institutions.
The comprehensive enterprise IT governance framework shall enable a financial institution to evaluate the current and future use of IT, direct the preparation and implementation of plans and policies to ensure that use of IT meets business objectives and monitor conformance to policies, and performance against the plans.
The framework entails an IT strategy, organisational structures, roles of the board and senior management and IT policy framework.
The SBP has invited the interested parties, institutions or individuals, from banking sector, IT industry, academia and other stakeholders to review the proposed draft framework and provide comments / feedback till March 31.
-
Prince Harry May Not Bring Meghan And Children To UK Over Latest Snub: Report -
Leon Black, Debra Black’s Marriage And Epstein Ties Draw Fresh Interest -
Princess Beatrice Seen Walking Alone In London -
Matt Damon Reveals Tough Filming Conditions On Christopher Nolan's 'The Odyssey' -
Oliver Tree's New Foundation Reveals Bold Mission To Back Artists -
'The Bear' Star Ebon Moss-Bachrach Shares 'complex Feelings' About Finale -
‘Supergirl’ Fails To Knock Down 2026 Box Office Juggernaut -
Colin Farrell Reveals How This Role Saved Him From Penguin ‘poison’ -
Hugh Jackman Reveals Why He Is Attracted To Anti-heroes -
Changes Made To King Charles’ Official Role: Report -
Footballer Héctor Bello Pays Tribute To Wife Who Died In Venezuela Earthquakes -
Trump Administration Likely To Unblock Anthropic Fable 5 Soon -
Nancy Guthrie Update: Hoda Kotb Put On Standby As Savannah Leaves ‘everyone Deeply Worried’ -
Taylor Swift, Travis Kelce Wedding: Street Closures Spark Backlash -
King Charles Honours Local Heroes In Inspiring Parliament Speech -
Scientists Find Ancient Microbial Life In Places It Shouldn't Exist