OSFI updates Technology and Cyber Security Incident Reporting Advisory

On August 13, 2021, the Office of the Superintendent of Financial Institutions (OSFI) released an updated Technology and Cyber Security Incident Reporting Advisory (Advisory) that imposes enhanced requirements for federally regulated financial institutions (FRFIs) regarding the prompt (within 24 hours or sooner if possible) reporting of technology and cybersecurity incidents to OSFI. The Advisory is effective immediately and will likely require many FRFIs to update their incident response practices/procedures and agreements with IT service providers and other third parties.

Read Brad Freedman’s bulletin on this topic.

This content has been updated on October 16, 2021 at 16 h 23 min.