ICT providers and a wide range of service providers in the financial space are racing to work out whether their operations are impacted by new EU rules and if so, how. The definitions are fairly broad, so if your organisation has not already looked into DORA, the Digital Operational Resilience Act, now might be the right time.
The US Securities and Exchange Commission (SEC) has published its final rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by public companies.
In response to the US Securities and Exchange Commission’s (SEC) proposed Cybersecurity Risk Management Rule request for comments, XBRL US have submitted a comment response letter. The rule aims to enhance cybersecurity risk reporting for various entities such as broker-dealers, clearing agencies, security-based swap participants.
This week the European Supervisory Authorities (ESAs) held a technical discussion on the upcoming Digital Operational Resilience Act (DORA). DORA aims to harmonise digital operational resilience requirements across the EU, and will enter into force on 16 January 2023, applicable from 17 January 2025.
The Financial Stability Board recommends greater convergence in cyber incident reporting, including a common format for incident reporting exchange, or FIRE. We urge a digital-first approach using XBRL to ensure comparability and effective analysis.
XBRL US has sent a comment letter to the Securities and Exchange Commission (SEC) in response to its proposal on cybersecurity risk management, strategy, governance, and incident disclosure for public companies.
We were interested to note that the US Securities and Exchange Commission (SEC) has “nearly doubled” the size of its Crypto Assets and Cyber Unit (formerly simply the Cyber Unit), part of its Division of Enforcement.
The US Securities and Exchange Commission (SEC) has proposed significant new rules on cybersecurity risk management, strategy, governance, and incident reporting by public companies.
Two recent proposals from the Securities and Exchange Commission (SEC) include structured reporting elements, as the regulator continues to expand its implementation of Inline XBRL and makes it increasingly de rigueur for new disclosure rules.
We were interested to note a recent report from the Financial Stability Board (FSB) examining current approaches to cyber-incident reporting and suggesting next steps for broader convergence.