shutterstock_1202221816
6 February 2023Analysis

BMA Cyber Risk Code deadline upcoming

Legal firm Conyers has issued a reminder to the market that the Bermuda Monetary Authority (BMA) has laid down that all relevant legal institutions must be in compliance with the Cyber Risk Code by 15 February 2023.

The BMA published the revised Operational Cyber Risk Management Code of Conduct for corporate service providers, trust companies, money services businesses, investment businesses and fund administration providers, banks and deposit companies on 26 September 2022.

The Cyber Risk Code requires the board of directors and senior management team to have oversight of cyber risks, and for the board to approve, at least annually, a cyber risk policy.

Each relevant legal institution is also required to appoint a chief information security officer to oversee and implement its cyber risk programme and enforce the cyber risk policies.


More on this story

news
9 August 2023   It is unclear as yet whether or how many captives may be impacted.
Analysis
28 March 2023   The Authority encouraged insurers to use the updated models.
Analysis
21 March 2023   A financial services expert has been brought in, with experience in banking.