OSFI Unveils Two Draft Guidelines: Ensuring Integrity and Security in Financial Institutions and Enhancing Operational Resilience and Risk Management
Oct 13, 2023
On October 13, 2023, the Office of the Superintendent of Financial Institutions (OSFI) released two draft guidelines; an Integrity and Security Guideline, which sets expectations for the integrity and security of financial institutions, including protection against foreign interference and, an enhanced Guideline E-21 on Operational Resilience and Operational Risk Management
The draft Integrity and Security Guideline provides clarity on what integrity and security entail for financial institutions, how they relate to one another, and where they are already reflected in our current guidelines. Enhanced Guideline E-21 sets expectations for operational resilience. It modernizes OSFI’s guidance on operational risk management, including new expectations for business continuity management, crisis management, change management, and data risk management.
The two consultations were announced at the same time given that operational resilience and operational risk management contribute to the integrity and security of financial institutions.
The feedback on the Integrity and Security Guideline is expected by November 24, 2023 while feedback on Guideline E-21 is expected by February 5, 2023.
Review the Draft Integrity and Security Guideline and Guideline E-21 on the OSFI website.