May 18, 2021 - The Financial Market Commission (CMF) has published for consultation a regulation an amendment to the general rules applied to the savings and credit cooperatives it supervises. The aim is to homologate the standards to be followed by cooperatives regarding operational risks with the ones already in place for banks, support companies of banking activities, and non-banking payment card issuers and operators.
Savings and credit cooperatives can perform a wide range of financial operations and services as stated in the General Law on Cooperatives. These include vista accounts; savings accounts; term deposits; and issuance of credit and payment cards, among others. Therefore, it is essential that they have a regulatory framework allowing them to develop adequate security levels in accordance with the scale and complexity of each entity's operations.
The current operational risk and cybersecurity framework that the CMF has established for supervised financial institutions pursuant to the General Banking Act considers the following:
- Electronic fund and information transfers.
- Outsourcing of services (especially data processing services and additional safeguards in the case of cloud-based services).
- Business continuity management, including the operation of data processing sites.
- Information security and cybersecurity.
As well as the mentioned aspects, there is also a regulation on reporting operational incidents to the CMF, which is also applied to cooperatives.
Any application of the regulatory framework must consider the nature, volume, and complexity of each cooperative's operations. This includes base security safeguards required by services inherent to its economic activities.
Interested parties can access the Draft Rules and Norms section of the CMF website to check the details of the proposal and submit their feedback until May 31, 2021.