On November 30, the Securities Market Superintendency (SMV) opened a consultation process on a draft proposal to modify the Operational Risk Management Regulation. The proposed regulations, which would introduce minimum standards for cybersecurity management, will be in consultation until January 15, 2019.

Through this initiative, the SMV proposes setting minimum standards for cybersecurity management and the subcontracting of data processing in cloud computing, to ensure these areas are properly developed by authorized legal entities. In addition, it requires entities to monitor key operational risk indicators, which must be relayed to the SMV periodically.

Companies will have to adapt to this regulation over the course of 2020. The project will be available on the SMV website (www.smv.gob.pe) until 15 January 2019. Those interested in participating may submit comments and/or suggestions through the following email: [email protected]