KUALA LUMPUR: The Securities Commission (SC) has issued guidelines on technology risk management, which aims to promote robust and sound technology risk management practices among capital market entities.

In a statement, the regulator said the guidelines also sets out the SC’s expectations on capital market entities when they manage their technology risk.

It said the formulation of the guidelines taken into account feedback received from the Public Consultation Paper on The Proposed Regulatory Framework on Technology Risk Management, which was published last year.

“Among the requirements set out in the guidelines include the establishment and implementation of an effective technology risk framework, technology project management, technology service provider management and cyber security management by capital market entities,” it said.

It said the guidelines will be applicable to all capital market entities licenced, registered, approved, recognised or authorised by the SC. The SC said the guidelines are expected to come into effect in the third quarter of 2024 to allow time for capital market entitles to familiarise and meet with the requirements.

The SC will be engaging with related capital market entities to provide guidance, where required, on the requirements of the guidelines.

Any queries on the new guidelines may be submitted to gtrm@seccom.com.my. The guidelines are now available on the SC website at https://www.sc.com.my/regulation/guidelines/cyber-risk-and-technology-risk.