Regulatory

Blog

Regulatory

Contributors

Aki Corsoni-Husain
Aki Corsoni-Husain
  • Aki Corsoni-Husain

  • Partner
  • Cyprus
George Apostolou
George Apostolou
  • George Apostolou

  • Partner
  • Cyprus
Chiara Deceglie
Chiara Deceglie
  • Chiara Deceglie

  • Partner
  • Luxembourg
Massimiliano della Zonca
Massimiliano della Zonca
  • Massimiliano della Zonca

  • Senior Associate
  • Luxembourg
Philip Graham
Philip Graham
  • Philip Graham

  • Partner
  • British Virgin Islands
Ayana Hull
Ayana Hull
  • Ayana Hull

  • Counsel
  • British Virgin Islands
Katerina Katsiami
Katerina Katsiami
  • Katerina Katsiami

  • Associate
  • Cyprus
Andrew Knight
Andrew Knight
  • Andrew Knight

  • Partner
  • Luxembourg
Joshua Mangeot
Joshua Mangeot
  • Joshua Mangeot

  • Counsel
  • British Virgin Islands
Mirza Manraj
Mirza Manraj
  • Mirza Manraj

  • Counsel
  • Hong Kong
Elina Mantrali
Mirza Manraj
  • Elina Mantrali

  • Associate
  • Cyprus
Vanessa Molloy
Vanessa Molloy
  • Vanessa Molloy

  • Partner
  • Luxembourg
Andrea Moundi Savvides
Andrea Moundi Savvides
  • Andrea Moundi Savvides

  • Consultant
  • Cyprus
Marina Stavrou
Marina Stavrou
  • Marina Stavrou

  • Associate
  • Cyprus
Matt Taber
Matt Taber
  • Matt Taber

  • Partner
  • Cayman Islands
Carolynn Vivian
Carolynn Vivian
  • Carolynn Vivian

  • Senior Associate
  • Cayman Islands

Cayman Islands regulated entities should have cybersecurity policies and procedures

All Cayman Islands regulated entities, including those that are licenced or registered under the Cayman Islands’ Securities Investment Business Act, are reminded that they should establish, implement, and maintain a documented cybersecurity framework that is designed to promptly identify, measure, assess, report, monitor and control or minimise cybersecurity risks as well as responding to and recovering from cybersecurity breaches that could have a material impact on their regulated business.

The cybersecurity framework should be consolidated into a set of policies and procedures which should be kept under periodic review by compliance and information technology personnel to ensure that the licensee or registered person complies with the relevant rules on cybersecurity and statement of guidance issued by the Cayman Islands Monetary Authority.

The requirement to have cybersecurity policies and procedures does not apply to regulated Cayman Islands mutual funds or registered private funds.

Copies of the  CIMA Rule can be found here and the CIMA Statement of Guidance here.