On August 17, the Superintendency of Banking, Insurance and AFP (SBS, for its acronym in Spanish) published a draft regulation on managing information and cybersecurity, with the aim of updating current regulations, taking into account international standards and good practices, The regulation also seeks to encourage entities in the financial system to use digital channels to provide their services. Those interested can send their observations until September 17 to the following link.
The regulation proposes that financial companies implement a strategic security plan to analyze the threats and vulnerabilities of their information assets and indicates that they should have a specialized team available to manage cybersecurity incidents.
Regarding the authentication requirements for digital channels, the regulations encourage companies to implement authentication processes, which must be re-evaluated each time there are changes. Reinforced authentication is required for operations involving fund transfers or, payments, or the contracting of a product or service.