BOV Boosting Employee Retention through Occupational Pension Schemes

by Bank of Valletta
28th November 2023
Whereas technological arrangements deliver cutting-edge benefits to both financial services firms and their customers, it is also true that these introduce new risks to licence holders, ranging from ICT governance risks to cybersecurity risks and IT outsourcing risks.
Download our Summary of the Guidance
The Guidance establishes a number of risk mitigation factors emanating from increased reliance on technological arrangements, that need to be adequately mitigated. This includes the establishment of a comprehensive ICT governance framework. The MFSA Guidance also includes extensive guidance on the outsourcing of IT to third parties.
Pillars of information assurance
The Guidance is principled-based and does not favour one type of technology or service model over another, as long as the compliance obligations can be met. The principle-based approach also applies to ICT risk, security governance, and control frameworks. Significantly, the Guidance allows for the principle of proportionality. As a result, mitigating controls and governance arrangements should take into consideration the nature, scale, and complexity of the technology arrangements, the risks arising thereof, as well as the level of dependence on such technology arrangements for the implementation of critical or important functions. All licensed entities are mandated to ensure compliance with the principles.