Financial Crime World

Here is the rewritten article in Markdown format:

Compliance and Risk Management in Finance: A Must for Financial Institutions in Cambodia

============================================================

The National Bank of Cambodia (NBC) has established strict regulations for financial institutions in the country to ensure compliance with legal and regulatory requirements when using cloud services. In response, AWS has committed to providing a strong compliance framework and advanced tools and security measures to help customers meet these requirements.

Key Legislation and Guidelines

  • The Technology Risk Management Guidelines (July 2019) cover contractual and operational areas such as due diligence, risk management, and monitoring and oversight.
  • The NBC has also issued relevant guidelines for financial institutions planning to use cloud services.

Implementation Timeline

Financial institutions are encouraged to implement these guidelines on a voluntary basis within two years from the date of issuance. However, it is essential for customers to obtain appropriate advice on their compliance with all regulatory and legal requirements that are relevant to their business.

Supervision and Compliance

The NBC supervises local and foreign banks and other financial institutions in Cambodia, including micro-finance institutions and leasing companies. Financial institutions using AWS cloud services must ensure they comply with applicable legal and regulatory requirements, such as those described above.

Steps for Better Understanding Compliance Needs

  • Consider the purpose of the workload(s) under consideration and the relevant categories of data to anticipate which legal and regulatory requirements may apply.
  • Assess the criticality of the relevant workload(s) in light of local requirements and procure the necessary approvals or issue the appropriate notice.

Reviewing AWS Shared Responsibility Model

Financial institutions can review the AWS Shared Responsibility Model and map AWS responsibilities and customer responsibilities according to each AWS service that will be used. Additionally, customers can use AWS Artifact to access AWS’ audit reports and conduct their assessment of control responsibilities.

Additional Resources

For further information on how AWS services can enable security and compliance needs, financial institutions in Cambodia can contact their account representative or the AWS team.

  • AWS Artifact
    • User Guide for Financial Institutions in Cambodia
    • AWS Compliance Quick Reference Guide
    • Navigating GDPR Compliance on AWS
    • Using AWS in the Context of Common Privacy and Data Protection Considerations