DFSA Thematic review on Management of Operational Risk in Money Services

The Riffle

MSPs are reminded to maintain adequate security measures to protect User' credentials and have in place appropriate transaction monitoring systems and controls.

The DFSA recently released a Thematic Review on Management of Operational Risk in Money Service Providers.

Key takeaways:

• MSPs must ensure their Governing Body approves their Operational Risk Policy in accordance with PIB 6.2.2.

• Per PIB 6.13.3(4), MSPs are required to maintain adequate security measures to protect the confidentiality and integrity of Users’ personal security credentials. MSPs should maintain and document these security measures in their policies and procedures.

• MSPs must develop, implement, and document in the MSP’s Operational Risk Policy, the technical standards which address all four requirements mandated by PIB 6.13.5.

• MSPs  must have in place appropriate transaction monitoring systems and controls designed with the relevant risk factors in mind.

You can read the complete Thematic Review here.