Financial Crime World

Here is the rewritten article in markdown format:

Financial Institution Compliance in Cambodia: A Regulatory Overview

The National Bank of Cambodia (NBC) supervises local and foreign banks and other financial institutions such as micro-finance institutions and leasing companies, ensuring that they comply with various legal and regulatory requirements.

Cloud Services Regulations

For financial institutions in Cambodia using cloud services, regulations issued by the NBC provide a framework for planning and implementing cloud services. Key legislation and guidelines include:

  • Technology Risk Management Guidelines (July 2019): Covers contractual and operational areas such as due diligence, risk management, and monitoring and oversight.

Financial institutions are encouraged to implement these guidelines on a voluntary basis within two years from the date of publication. Customers with questions about applicable regulations can reach out to their account representative or contact AWS for further guidance.

Compliance Framework

AWS is committed to offering financial institutions in Cambodia a strong compliance framework and advanced tools and security measures to evaluate, meet, and demonstrate compliance with applicable legal and regulatory requirements.

Privacy Requirements

Financial institutions using cloud services must consider applicable privacy requirements. The AWS whitepaper “Using AWS in the Context of Common Privacy and Data Protection Considerations” provides useful information for customers using AWS cloud services to store or process personal data.

For financial institutions processing or planning to process the personal data of data subjects in the European Union (EU), they should visit AWS’ General Data Protection Regulation (GDPR) Center.

Steps for Compliance

To better understand compliance needs, financial institutions can take several steps:

  • Consider the purpose of the workload and relevant categories of data: Anticipate which legal and regulatory requirements may apply.
  • Assess the criticality of the relevant workload: Procure the necessary approvals or issue the appropriate notice.

AWS Shared Responsibility Model

The AWS Shared Responsibility Model outlines responsibilities for both AWS and customers, while AWS Artifact provides access to audit reports and enables customers to conduct their assessment of control responsibilities.

Additional Resources

Additional resources are available for download through AWS Artifact, including:

  • “AWS Regulatory Approval Resource for Financial Services in Cambodia”: A user guide specifically designed for financial institutions in Cambodia.
  • User Guide: Provides step-by-step instructions on how to use AWS services for financial institutions in Cambodia.

Getting Started

For further information or guidance on how AWS services can enable security and compliance needs, financial institutions can contact their account representative or AWS.