Operational resilience
The asset management industry is heavily reliant on information and communication technology (ICT). This trend is only set to intensify, on the back of fresh digital-technology challenges, including improvement of data availability, digitalization of assets, new processes in custody and settlement.
Against this backdrop, EFAMA has become increasingly more active on the topics of operational resilience and cybersecurity, supporting the European Commission’s intent to develop a harmonised framework for ICT risks and operational resilience. Principles and risk-based requirements should enable firms to implement controls that are future-proof, flexible, proportionate, and commensurate to the risks. On this basis, EFAMA is engaging with policy makers negotiating the Digital Operational Resilience Act (DORA) and contributing to cyber-prevention also jointly with other trade associations.
EFAMA's views on further criteria for critical ICT Third Party Service Providers (CTPPs) and oversight fees levied on such providers
EFAMA responds to Commission consultation on digital operational (cyber) resilience in financial services
As players in a globalised and technologically-driven financial services industry, asset management companies face cyber-security risks on a daily basis. Cyber-attacks aim mainly at obtaining, or restricting access to, sensitive data, related to clients and/or to portfolio construction and composition, trading and risk management, among other asset management functions.
ESA's consultation paper on draft RTS to further harmonise ICT Risk Management Tools, methods, processes and policies as mandated under article 15 and 16(3) of regulation (EU) 2022/2554.
EFAMA launches Cyber Resilience Working Group
Updated Cyber Security Program Basics for investment management companies
