Federal banking regulators will be addressing concerns about a range of technology risks in revised guidance in the months ahead.
Last September, the Office of the Superintendent of Financial Institutions (OSFI) launched a consultation on developing financial sector resilience in the face of a range of digital risks including cybersecurity, the use of advanced analytics, artificial intelligence (AI) and machine learning.
OSFI reported that the feedback it received to its consultation paper expressed “broad support” to its principles-based, technology-neutral approach to addressing these kinds of risks.
“Respondents indicated that OSFI should first leverage its existing guidance, and align any additional guidance with existing international and IT standards,” it said.
To that end, it’s planning to publish new technology and cyber risk guidance by the fourth quarter of 2021; to revise its guideline on third-party risk by the first quarter of 2022; and to issue revised operational risk and model guidance sometime in 2022-2023.