Financial Crime World

Here is the article in markdown format:

Central Bank Issues Guidelines for Reporting Cyber Incidents

Enhancing Cybersecurity Posture of Financial Institutions

Port of Spain, Trinidad and Tobago - In a move to enhance the cybersecurity posture of financial institutions in the country, the Central Bank of Trinidad and Tobago has issued guidelines for reporting cyber incidents.

What Constitutes a Reportable Incident?

According to the guidelines, financial institutions are required to report any incident that disrupts their business systems or operations, including:

  • Utility or data centre outages
  • Loss or degradation of connectivity
  • Breaches of internal risk appetite or thresholds

Reporting Requirements

The guidelines specify the following reporting requirements: * Initial notification within 24 hours of becoming aware of a cyber-incident * Submission of a comprehensive report using the provided template within 72 hours * Providing regular updates to the Central Bank until all details about the incident have been provided

Importance of Transparency and Timely Communication

The guidelines emphasize the importance of transparency and timely communication in case of a cyber-incident, as well as the need for financial institutions to provide situation updates, including: + Short-term and long-term remediation actions and plans

Cyber Incident Reporting Template

The Central Bank has made available a Cyber Incident Reporting Template to facilitate compliance with the guidelines.

Failure to Report May Result in Enhanced Supervision

Failure to report incidents as outlined above may result in increased supervisory oversight, including but not limited to: * Enhanced reporting by the financial institution and/or * Issuance of compliance directions as relevant

Ongoing Efforts to Promote Cybersecurity Best Practices

The guidelines are part of the Central Bank’s ongoing efforts to promote cybersecurity best practices among financial institutions in Trinidad and Tobago. The bank has also emphasized the importance of: + Incident response planning + Threat intelligence sharing + Continuous monitoring to mitigate cyber threats

Contact Information

For more information on the Cybersecurity Best Practices Guideline and reporting requirements, please contact the Central Bank of Trinidad and Tobago at [insert contact details].