FINMA Guidance 05/2020: duty to report the cyber attacks
2020-05-08 | News & Media

FINMA Guidance 05/2020: duty to report the cyber attacks

On 7th May, FINMA published Guidance 05/2020: duty to report cyber attacks pursuant to Art. 29 para. 2 FINMASA.

Since the institutions supervised by FINMA are under the risk of cyber-attacks, FINMA reminds those institutions to fulfil the requirements under Article 29 para. 2 FINMASA, specifically to immediately report any incident that is of substantial importance to the supervision. This comprises vital cases concerning successful or partially successful cyber attacks.

Cyber attacks of substantial importance to the supervision

The protection of both the individuals and the financial markets with regard to cyber-attacks are considered of substantial importance.

The main focus is on products or services of supervised institutions and their underlying business processes as well as their critical assets, where the cyber-attack can lead to the failure or dysfunction. This may damage the protective goal of availability, integrity and confidentiality of information. Such attacks can also jeopardise the data.

If a cyber-attack on critical assets results in one or more of the protective goals of essential functions and the business processes are under risk - this must be reported to FINMA immediately.

Immediate reporting to FINMA

The affected supervised institution reports to FINMA through the responsible (Key) Account Manager within 24 hours of detecting the cyber-attack and manages an initial evaluation of it. The actual report should be provided within 72 hours via the FINMA web-based survey and application platform (EHP)7,8.

If the new developments under the same cyber-attack occur (after the report to FINMA), a new report should be provided within 72 hours.

Source: https://www.finma.ch/en/documentation/finma-guidance/

Legal disclaimer. This article does not constitute legal advice and does not establish an attorney-client relationship. The article should be used for informational purposes only.

FINMA Gives Permission to Scan Chips during the Online Identification Process

News & Media

2021-05-24

FINMA Gives Permission to Scan Chips during the Online Identification Process

The Swiss Financial Market Supervisory Authority FINMA is updating the procedure of the online identification using the NFC verification by scanning the chip embedded in biometric identity documents.

FINMA publishes its enforcement actions

News & Media

2021-04-07

FINMA publishes its enforcement actions

The publishing of this case report confirms FINMA's accountability obligations regarding its enforcement activities. The case report includes anonymized and generalized cases which were concluded with a court decision.

The IPI and Swiss exporters unite to combat the “Swissness” misuse

News & Media

2021-04-06

The IPI and Swiss exporters unite to combat the “Swissness” misuse

Bern, April 04, 2021 – The Swiss Institute of Intellectual Property (IPI) took an active role in 280 cases of “Swissness” excessive use in 2020. The IPI controls the use of the Swiss national emblem and destroys such goods during the customs examination. Now private and high officials start working together to control the “Swissness” fare dodger abroad.

Start of finance.swiss information platform

News & Media

2020-12-15

Start of finance.swiss information platform

The Swiss Financial Market Supervisory Authority FINMA recommends that the supervised parties affected by the LIBOR replacement sign the new Fallback Protocol of the International Swaps and Derivatives Association (ISDA) in the shortest time possible.