EBA publishes the final guidelines on ICT and security risk management

On November 28th, the European Banking Authority (EBA) published the final guidelines on ICT and security risk management, which set out requirements for credit institutions, investment firms and payment service providers (PSPs) for mitigating and managing their information and communication technology (ICT) and security risks.

The operations of financial institutions have become more vulnerable to ICT and security risks due to increased digitalisation in the financial sector. Sound ICT and security risk management is therefore key for a financial institution to achieve its objectives (corporate, strategic, operational and reputational).

This article provides further insight into how financial institutions should manage the internal and external ICT and security risks to which they are exposed.
