Compliance
Compliance Corner: FINMA Fires Risk Warnings At Fund Industry
The latest compliance news: regulatory developments, punishments, guidance, permissions, new product and service offerings.
FINMA
The
Swiss Financial Market Supervisory Authority, or FINMA, says it has increasingly
noticed “weaknesses” in the way fund management firms and
managers of collective assets handle operational risks as digital
technology spreads.
In a new (German language) report, the watchdog said the digitalisation of financial commerce is adding to operational risks.
FINMA has issued general principles about how to handle these threats in areas such as communications tech, data, cybersecurity, business continuity, legal issues, and outsourcing.
As far as cybersecurity risks are concerned, FINMA noted that outsourcing can be a weak spot.
“In 2022 and 2023, more than half of the reported cyber attacks involved outsourced services. FINMA also very frequently identifies weaknesses in this area as part of its supervisory activities with regard to cyber risks. In addition to outsourcing, there is a recurring focus on other topics, such as governance in dealing with cyber risks,” it said.
FINMA said it carried out more than a dozen cyber-specific on-site supervisory reviews last year.