• Straits Interactive

What should an organisation look out for in third party management? The case of MAS' concern

Updated: Feb 5

By Lee Wen Xin, DPEXNetwork Community Development Executive

Edited by Leong Wai Chong, CIPM, GRCP

As businesses continue to transform and digitalise in Asia and globally, the incentive for malicious actors to hack into these systems, steal and gather data grows in tandem. Earlier this week on the 18th January 2021, the Monetary Authority of Singapore (MAS) announced new rules for all financial institutions and those in the fintech industry in Singapore after SolarWinds cyber-attack exposes firms around the world.

MAS said that financial institutions are increasingly reliant on third-party service providers as they adopt new technologies. Using an external vendor which may procure third-party tools brings significant risks to banking systems.

Weaknesses may arise during the engagement of the third party. The gap could be from:

  • Awareness of data protection regulatory requirements and risks when personal data are involved

  • Translation and communication of requirements in the scope of contract

  • adequacy in contract specifications to enforce and control of specifications

  • Third-party may further procure or subcontract solutions in which the requirements- specifications may be “lost in translation”.

  • Selecting the right service provider according to their strengths

  • Managing the vendors, which include risk assessment and controls on the vendors.

... continue reading

1 view0 comments
  • Facebook
  • YouTube




43D Beach Road Singapore 189681
Tel: +65 6815 8010
Fax: +65 6717 4885

Tel: + 603 9212 8533

Tel: + 63 91 7515 0369


Tel: +91 99453 74115


Copyright © 20 Straits Interactive Pte Ltd. All rights reserved. 
All third party trademarks (including logos and icons) referenced remain the property of their respective owners.