Governance in focus — Cyber risk and governance reporting in the UK

Published on: 06 Sep, 2022

With oversight of technological capability, opportunity and risk critical to company success, regulators are increasingly focused on how companies report cyber risk and breaches in security. The Financial Reporting Council’s (FRC's) Financial Reporting Lab published its report Digital Security Risk Disclosure in early August, and earlier this year the US Securities and Exchange Commission (SEC) also published a proposal  to improve disclosure in this area.

Our own analysis of cyber opportunity, risk and governance reporting across the FTSE 100 has now been published, helping audit teams and companies identify examples of good practice and offering insights about how to keep the users of annual reports informed in this important area. We last examined FTSE 100 cyber risk and governance reporting in March 2018 and we are pleased to see considerable progress in companies’ disclosures. However, when compared to the SEC proposal on cyber reporting published March 2022 and the FRC Lab’s disclosure recommendations, it is clear more focus is needed to match the needs of investors as identified by these two market regulators.


Related Topics

Correction list for hyphenation

These words serve as exceptions. Once entered, they are only hyphenated at the specified hyphenation points. Each word should be on a separate line.