The Monetary Authority of Singapore is consulting on proposed changes to its technology risk management rules, aiming to strengthen financial institutions' resilience as digitalisation and cyber threats grow.
The Monetary Authority of Singapore has proposed amendments to its Notices on Technology Risk Management, seeking to reinforce financial institutions' technology resilience amid rapid digitalisation and an evolving threat landscape. Through a consultation paper, the regulator set out changes intended to sharpen expectations across key areas including IT asset management, IT risk assessment and monitoring, change-management controls, and data backup and recovery. The move reflects growing supervisory concern that as banks, insurers and other financial firms rely ever more heavily on digital systems, third-party providers and cloud infrastructure, the potential impact of outages, cyberattacks and operational failures on customers and the wider system also rises. Strengthening the rules is designed to ensure that institutions can prevent, detect and recover from technology disruptions, and that critical services remain available. The consultation invites industry feedback before the measures are finalised. It forms part of a broader effort by the authority to keep Singapore's financial sector secure and competitive as a regional hub, complementing its work on artificial intelligence governance, cyber resilience and operational risk, and signalling that technology risk oversight remains a central supervisory priority.
Key Points
- 1MAS is consulting on amendments to its Technology Risk Management Notices.
- 2The changes target IT asset management, risk monitoring, change controls and data recovery.
- 3The aim is to strengthen financial institutions' resilience to outages and cyber threats.
- 4Industry feedback is invited before the rules are finalised.
Why This Matters
Stronger technology-risk rules help protect consumers and the financial system from disruptions and cyberattacks as banking and insurance become increasingly digital.
Related Stories
UK FCA's Landmark 'Targeted Support' Regime Goes Live to Close the Advice Gap
April 6, 2026
Australia's APRA Operational Risk Standard CPS 230 Amendments Take Effect July 1
July 1, 2026
Singapore MAS Advances Tokenized CBDC Pilot and Digital Finance Framework in 2026
July 1, 2026
US Cyber Incident Reporting Law (CIRCIA) Takes Effect, Requiring 72-Hour Breach Notifications
July 1, 2026
Daily Intelligence
The PolicyGlobal Daily Brief
Get the top 5 insurance and finance stories every morning, curated and verified by our editorial desk. No spam. Unsubscribe anytime.
Informational newsletter only. Not financial advice. Disclaimer