Category: Government Regulation, Legislation & Enforcement

1. Cybersecurity Risk Management – Financial Services Entities Required to Act
2. New Data Retention Laws Implementation Deadline
3. ASIC Releases Updated Guidance on Electronic Disclosure
4. Cyber Resilience for Financial Services Entities
5. Government Regulation, Legislation and Enforcement Updates
6. Government Regulation, Legislation and Enforcement Updates
7. European Union – General Data Protection Regulation (GDPR)

Cybersecurity Risk Management – Financial Services Entities Required to Act

By Jim Bulling

It seems clear, following the release in March this year of ASIC Report 429 Cyber Resilience, that all Australian Financial Services Licensees and superannuation funds are currently required to include in their risk management framework measures aimed at addressing the risks posed by cybersecurity breaches.

To address these risks, ASIC recommends the U.S. National Institute of Standards and Technology (NIST) framework as a relevant risk management tool. The NIST standards set out the key objectives of an appropriate risk framework:

  • identify the critical assets and governance processes
  • protect critical assets
  • detect breaches and incidents
  • respond to breaches and incidents
  • recover and reinstate systems.

You can download a copy of the framework here.

These objectives will need to be merged into the existing financial services policy frameworks which financial services entities already have in place.

ASIC Releases Updated Guidance on Electronic Disclosure

by Jim Bulling and Julia Baldi

ASIC has released updated guidance on electronic disclosure, RG 221: Facilitating online financial services disclosures. It outlines ASIC’s expectations for financial services providers that use (or plan to use) technology, including email and the internet, to deliver financial product and financial services disclosures to clients.

See RG 221 here.

Cyber Resilience for Financial Services Entities

by Jim Bulling and Julia Baldi

ASIC Report 429
In March this year, the Australian Securities and Investments Commission (ASIC) issued Report 429 Cyber resilience: Health check (REP 429). The report aims to highlight the importance of cyber resilience for entities regulated by ASIC, including Australian Financial Services Licence holders, Australian Credit Licence holders and listed entities. The report indicates that ASIC is keen to ensure that Australia keeps pace with developments in Europe and the United States in combatting cybersecurity risks.

Click here to read the full article.

Government Regulation, Legislation and Enforcement Updates

by Jim Bulling and Julia Baldi

Australian Federal Government Cybersecurity Review
The Australian Federal Government holds a Cybersecurity Review.

See the Australian Government’s summary of the review here.

SEC Guidance Update
The SEC’s Investment Management Team published a Guidance Update which outlines measures managed funds and investment advisers may wish to consider in addressing cybersecurity risk. The guidance includes practical tips applicable to Australian entities.

See the Guidance Update here.

Government Regulation, Legislation and Enforcement Updates

by Jim Bulling and Julia Baldi

China Introduces New Cybersecurity Laws
China introduced new cybersecurity laws, which require both local and foreign banks and financial institutions with Chinese clients (including Australian financial institutions) to use IT equipment deemed “secure and controllable” by Beijing. The breadth of the laws has upset foreign financial institutions given the potential cost of compliance if foreign entities must implement IT equipment systems in accordance with Chinese directives.

See the Financial Times report here.

European Union – General Data Protection Regulation (GDPR)

by Jim Bulling and Julia Baldi

The European Union has indicated an intention to finalise the General Data Protection Regulation (GDPR) before the end of 2015. This has the potential to affect Australian companies operating or storing data in Europe.

See the EU press release here.

Copyright © 2025, K&L Gates LLP. All Rights Reserved.