This site uses cookies to provide you with a more responsive and personalised service. By using this site you agree to our use of cookies. Please read our cookie notice ( for more information on the cookies we use and how to delete or block them.
The full functionality of our site is not supported on your browser version, or you may have 'compatibility mode' selected. Please turn off compatibility mode, upgrade your browser to at least Internet Explorer 9, or try using another browser such as Google Chrome or Mozilla Firefox.

Technology and Cyber Security Incident Reporting

  • Securities - OSFI Image

Jan 30, 2019

In January 2019, the Office of the Superintendent of Financial Institutions (OSFI) released the advisory "Technology and Cyber Security Incident Reporting", which sets out OSFI’s expectations for federally regulated financial institutions (FRFIs) with respect to the reporting of technology and cyber security incidents affecting FRFI operations.

The advisory describes characteristics of incidents that should be reported to OSFI, in addition to initial notification and subsequent reporting requirements.

The advisory comes into effect on March 31, 2019.  In the meantime, FRFIs are expected to continue reporting any major incidents according to previous instructions communicated by their Lead Supervisors. Effective March 31, 2019, this Advisory supersedes any prior instructions for technology and cyber security incident reporting.

Review the press release and advisory on the OSFI's website.

Correction list for hyphenation

These words serve as exceptions. Once entered, they are only hyphenated at the specified hyphenation points. Each word should be on a separate line.