Hong Kong SFC and HKMA Issue New Guidelines for Reducing and Mitigating Hacking Risks Associated with Internet Trading
November 1, 2017
On October 27, 2017, the Hong Kong Securities and Futures Commission (“SFC”) issued Guidelines for Reducing and Mitigating Hacking Risks Associated with Internet Trading (the “Guidelines”), a set of baseline cybersecurity requirements that all persons licensed or registered with the SFC and engaged in internet trading will be required to implement.
The Hong Kong Monetary Authority (“HKMA”) simultaneously issued a circular to CEOs of Registered Institutions requiring them to apply the Guidelines.
The new guidelines should be viewed as requirements for securities and futures dealers and asset managers registered with the SFC and banks supervised by the HKMA (which include a number of foreign banks that operate branches in Hong Kong). For e-commerce firms and other companies that do business in or have connections to Hong Kong, the new guidelines should additionally be viewed as relevant guidance for best practices in cybersecurity.