On November 25, the Financial Market Committee (CMF, for its acronym in Spanish) launched a public consultation on data security management and cybersecurity with a view to establishing guidelines and good practices for all entities involved. The text will be open for comments until 27 December.
The regulation is aimed at those banks, banking subsidiaries and other entities supporting bank transfers, as well as the issuers and operators of payment cards. The idea is to equip them with procedures to prevent operational events related to information security and cybersecurity and strengthen their response to such problems.
The text is divided into four sections. The first establishes general guidelines for handling these issues while the second section provides institutions with instructions on implementing risk mitigation procedures to strengthen data security and cybersecurity systems. The third addresses issues relating to cybersecurity, and the fourth focuses on key policies and procedures required to identify assets making up the critical infrastructure of the financial industry and the payment system, as well as for the adequate exchange of incident information with other members of this critical infrastructure.
Separately, you may wish to read the circular published by the Central Bank concerning services provided by the Real Time Gross Settlement System of the Central Bank of Chile (LBTR in Spanish).