Page 62 - SC Annual Report 2018 (ENG)
P. 62
Securities
Commission
Malaysia
ANNUAL
REPORT
2018
In addition to improving efficiency, the risk Within the SC, periodic reviews were carried out
surveillance indicators will provide an overall view on on the state of preparedness of key functions in
key risk areas, enabling early detection of risk build up managing incidents from external developments.
and the consideration of appropriate interventions. In 2018, internal incident management procedures
were reviewed and tested based on several
scenarios. The scenario testing showed that the
Augmenting business continuity SC is able to manage and respond to incidents
capabilities to ensure orderly functioning of the capital
market. Additionally, departments in the SC have
Efforts in ensuring overall systemic resilience in in place their own dedicated business continuity
the capital market were complemented by a focus plans which were also tested through desktop
group consultation on the proposed framework simulations.
on Business Continuity (Business Continuity
Framework). 75 responses were received from a
cross-section of capital market intermediaries and Strengthening cyber risk management
market participants. Feedback was encouraging,
constructive and provided additional input for The SC is committed to put in place effective and
refinement of the framework. efficient cyber resilience practices given the
increased use and dependence on data and
The proposed Business Continuity Framework electronic communications, greater complexity of
aims to set out six broad principles articulating technologies in the financial markets and evolving
the SC’s expectation for market institutions and cyber threats from a variety of sources.
intermediaries. The framework is expected to be
issued in 2019. (Diagram 9)
Diagram 9
Principles embedded in the Business continuity Framework
Business Continuity Framework
Principle 1 Principle 2 Principle 3 Principle 4 PrINCIPLE 5 Principle 6
Board and
senior Major Recovery
management operational objectives and Testing and Maintenance
responsibility disruptions strategies communication training and review
Endorsement Risks of major Recovery Comprehensive Conducted Business
and approval operational objectives and escalation annually to ensure continuity
of an effective disruptions, strategies are procedures and effectiveness arrangements
framework that is including developed communication and relevance by are maintained
proportionate to interdependency according to plans are incorporating and regularly
the nature, scale and concentration risk-based established and evolving market reviewed. Updates
and complexity of risks are identified principles. embedded in the practices, changes or changes are
business by the entities. business continuity in key personnel acknowledged,
operations. framework to and any regulatory approved and
address any updates. endorsed by
reputational board members
risk from major and senior
operational management.
disruptions.
52 | PART 2 »» SHAPING MARKET CONDUCT
NEW_36-59.indd 52 2/21/19 9:27 AM