On 4 November 2019, Singapore’s Parliament published a draft amendment to the Banking Act.
Under the amendment, all banks will be required to evaluate the ability of their service providers (whether these be a branch or office, or an external party) to:
(a) safeguard the confidentiality and integrity, and ensure the availability, of the banks’ information; and
(b) protect all customer information against unauthorised disclosure, retention, or use.
Where the service provider is a branch or office of the bank, specific provisions covering the above must be included in the branch or office’s policies and procedures.
Where the service provider is an external party, however, then the relevant provisions must be included in the contract between the bank and the provider.
Such policies and procedures, or contract, as the case may be, must also confer on the bank, the regulator (the Monetary Authority of Singapore or MAS), or an auditor appointed by the bank, the right to audit the books of the service provider to ensure that the above requirements have been complied with.Continue Reading New requirements for Singapore banks to include provisions in service contracts on protection of customer data