OSFI Archives - IPOsgoode /osgoode/iposgoode/tag/osfi/ An Authoritive Leader in IP Wed, 07 Dec 2022 17:00:00 +0000 en-CA hourly 1 https://wordpress.org/?v=6.9.4 OSFI, FCAC, And CDIC Release Joint Statement Reinforcing Expectations For Crypto-Asset Activities And Crypto-Related Services /osgoode/iposgoode/2022/12/07/osfi-fcac-and-cdic-release-joint-statement-reinforcing-expectations-for-crypto-asset-activities-and-crypto-related-services/ Wed, 07 Dec 2022 17:00:00 +0000 https://www.iposgoode.ca/?p=40335 The post OSFI, FCAC, And CDIC Release Joint Statement Reinforcing Expectations For Crypto-Asset Activities And Crypto-Related Services appeared first on IPOsgoode.

]]>

M. Imtiaz Karamat is an IP Osgoode Alumnus and Associate Lawyer at Deeth Williams Wall LLP. This article was originally posted on on November 30, 2022.


On November 16, 2022, the Office of the Superintendent of Financial Institutions (OSFI), the Financial Consumer Agency of Canada (FCAC), and the Canada Deposit Insurance Corporation (CDIC) (collectively, the Federal Agencies) released a(the Statement) addressed to federally regulated entities involved in crypto-asset activities or crypto-related services. The Statement reinforces the Federal Agencies’ expectations that regulated entities should adhere to applicable regulatory requirements and guidance when engaging in the crypto space.

The Statement set out how the Federal Agencies are monitoring the management of risks associated with crypto-asset activities by entities. The Federal Agencies believe that such risks should be clearly understood and addressed for any planned activity, and direct regulated entities to ensure that any crypto-asset activity complies with existing federal financial laws and issued regulations or guidance. In accordance with this position, the Statement describes the key competencies and guidance of each of the Federal Agencies as they relate to the subject matter:

  • Prudential Regulation.When dealing in the crypto space, regulated entities should consult with OSFI’s Digital Innovation Roadmap and recently published advisory on crypto-asset exposures, entitled.
  • Consumer Protection.FCAC expects regulated entities to notify them when developing or offering crypto-assets and provide any further information requested by FCAC. This notification allows FCAC to assess the applicability of market conduct obligations as outlined in relevant legislation and associated regulations. A definition of “crypto-assets” is included in the Statement for further guidance.
  • Deposit Insurance.Crypto-assets are not eligible for deposit insurance under the currentCDIC Act. With this in mind, CDIC expects its member institutions to prioritize transparency when disclosing information on deposit insurance protection to consumers as such information is critical for them to make informed financial decisions. This aligns with the, which requires CDIC members to take steps to ensure that themselves and their business partners do not provide misleading or deceptive information regarding deposit insurance protection.

The post OSFI, FCAC, And CDIC Release Joint Statement Reinforcing Expectations For Crypto-Asset Activities And Crypto-Related Services appeared first on IPOsgoode.

]]>
OSFI Releases Final Version Of Guideline B-13: Technology And Cyber Risk Management /osgoode/iposgoode/2022/08/15/osfi-releases-final-version-of-guideline-b-13-technology-and-cyber-risk-management/ Mon, 15 Aug 2022 16:00:00 +0000 https://www.iposgoode.ca/?p=39894 The post OSFI Releases Final Version Of Guideline B-13: Technology And Cyber Risk Management appeared first on IPOsgoode.

]]>

M. Imtiaz Karamat is an IP Osgoode Alumnus and Associate Lawyer at Deeth Williams Wall LLP. This article was originally posted on on July 27, 2022.


On July 13, 2022, the Office of the Superintendent of Financial Institutions (OSFI)its final Guideline B-13: Technology and Cyber Risk Management (Guideline B-13), which describes OSFI’s expectations for how federally regulated financial institutions (FRFIs) should manage technology and cyber risks.

OSFI views the large increase of cyber incidents in Canada as an urgent call for FRFIs to bolster their technology and cyber risk management practices. Guideline B-13 is OSFI’s answer to this call and provides a flexible, principle-based regulatory framework for FRFIs to strengthen their cybersecurity posture with strategies that account for their size, nature, scope, and complexity.

Guideline B-13 is the final result of an extensive consultation process that started in September 2020 and included an initial draft Guideline B-13 in November 2021, as previously reported by the E-TIPS® NewsletterԻ. The final Guideline B-13 takes a more streamlined approach than the previous iteration and is organized around three “domains” as opposed to the first draft’s five-domain structure. Each domain sets out specific outcomes for FRFIs to achieve in order to align with OSFI’s expectations:

  1. Governance and Risk Management: Technology and cyber risks should be governed by clear accountabilities and structures, and comprehensive strategies and framework.
  2. Technology Operations and Resilience: The FRFI has a technology environment that is stable, scalable, and resilient. The environment should remain current and supported by technology operating and recovery processes that are “robust and sustainable”.
  3. Cyber Security: Guideline B-13 requires the FRFI to implement a technology posture that maintains the confidentiality, integrity, and availability of its technology assets.

Guideline B-13 is set to come into effect on January 1, 2024, which gives FRFIs time to review the framework and ensure that they meet compliance.

The post OSFI Releases Final Version Of Guideline B-13: Technology And Cyber Risk Management appeared first on IPOsgoode.

]]>
OSFI Launches Consultation On Draft Technology And Cyber Risk Management Guideline /osgoode/iposgoode/2021/11/26/osfi-launches-consultation-on-draft-technology-and-cyber-risk-management-guideline/ Fri, 26 Nov 2021 17:00:00 +0000 https://www.iposgoode.ca/?p=38698 The post OSFI Launches Consultation On Draft Technology And Cyber Risk Management Guideline appeared first on IPOsgoode.

]]>
M. Imtiaz Karamat is an IP Osgoode Alumnus and Associate Lawyer at Deeth Williams Wall LLP. This article was originally posted on .

On November 9, 2021, the Office of the Superintendent of Financial Institutions (OSFI)a public consultation on Draft Guideline B‑13: Technology and Cyber Risk Management (the Guideline). It applies to federally regulated financial institutions (FRFIs) and addresses OSFI’s expectations in relation to technology and cyber risks.

The Guideline is organized into five domains, with each domain describing OSFI’s desired outcome for FRFIs in a certain aspect of technology and cyber risk management:

  1. Governance and Risk Management:the FRFI has a clear framework and comprehensive strategy to govern technology and cyber risks.
  2. Technology Operations:there isa resilient and scalable technology environment in place that is kept up-to-date by robust operating processes.
  3. Cyber Security:the FRFI is able to maintain the confidentiality, integrity, and availability of technology assets.
  4. Third-Party Provider Technology and Cyber Risk:third-party providers deliver reliable and secure technology and cyber operations to the FRFI.
  5. Technology Resilience:the FRFI has proper disaster recovery capabilities that allows the delivery of technology services through operational disruption.

In its announcement of the consultation, OSFI commented on the importance of stakeholder engagement to strike the appropriate balance between its prudential objectives, while still allowing financial institutions to compete. Accordingly, OSFI welcomes public feedback on the Guideline and is especially interested in feedback that addresses the clarity and application of their outlined expectations, the balance between principles and prescriptiveness in these expectations, and other suggestions that relate to OSFI’s mandate.

The consultation is open until February 9, 2022 and comments can be submitted atTech.Cyber@osfi-bsif.gc.ca.

The post OSFI Launches Consultation On Draft Technology And Cyber Risk Management Guideline appeared first on IPOsgoode.

]]>