On March 21, the Securities Commission of Malaysia issued a consultation on a proposed cybersecurity framework for capital markets participants. The Securities Commission views sound management of cybersecurity risk as a key priority to further strengthen the resilience of Malaysia's capital markets. Key regulatory requirements proposed include:
- Roles and responsibilities of the Board and senior management in having oversight and managing cybersecurity risk;
- Establishment of internal cybersecurity policies and procedures that should be developed by the capital market participants; and
- Measures for managing cybersecurity risk
The proposed regulatory requirements will be imposed on all capital market participants that are regulated by the Securities Commission including exchanges, license holders, registered persons and other self-regulatory organizations.