Skip to main content
Entire section Custom print Text Only Rich Text Print

6.1.7 Notification to the Central Bank

C 8/2020 STA Effective from 25/12/2020
  1. 6.1.7.1Where breaches of the Data Management Control Framework occur regarding the unauthorized access or release of Consumer Personal Data, the Licensed Financial Institution must record any disciplinary actions taken against any Staff, agents or contractors responsible for the breach. The Licensed Financial Institution must maintain records of such events for 5 years after the event being recorded. The records must be made available to Central Bank upon request.
  2. 6.1.7.2Licensed Financial Institutions must notify the Central Bank of any material Data breaches, losses, destruction or alteration when they occur, in a manner, as may be prescribed by the Central Bank.