The Superintendency of Financial Services established a new regulatory project aimed at improving the security of electronic transactions.
Frauds and scams are the negative side that has emerged along with the increase in the implementation of electronic media within the financial system. For this reason, the Central Bank of Uruguay (BCU) is advancing a new regulatory project that seeks to protect users from these malicious uses of technology.
The content you want to access is exclusive for subscribers.
He BCU, through the Superintendence of Financial Services (SSF) announced that it is working on a regulatory project “that introduces modifications to the Compilation of Regulation and Control Standards of the Financial System on obligations for issuers of electronic instruments”. The objective is to protect users against the proliferation of frauds and scams carried out through these instruments.
In this regard, one of the modifications is included in the measures that guarantee the security of the system in which the electronic medium in question operates. There, an article on the subject of Strong authentication of clients, “which extends the obligation of issuers currently in force to apply a Two-factor authentication to transfers or payments to third parties made from a bank account, to transfers to the user’s own accounts in another institution, and to loan applications made in a non-face-to-face manner.”
Also, regarding notifications to the user, it will no longer be mandatory to offer the user the possibility of receive notifications each time a transaction is processed, but the obligation will be to send such notifications to the user. In any case, the user may be given the possibility of modifying such parameters on his own account and under his own responsibility.
In the statement, the SSF also notes that it “continues to work on other aspects in the area of security of electronic instruments taking into account the risks involved, as well as the efficiency of the financial and payment system.” These advances will be reported later, in a second stage of the project, which is estimated for the last quarter of the year.
However, he said that some exceptions to the application of the law are being analyzed. Two-factor authentication for operations that entail a lower risk for users.
Cybersecurity indicators
Since this year, Uruguay has official indicators of cybersecurity and on the development of this subject in the country’s companies, with the aim of diagnosing and strengthening the ecosystem of practices against cybercrime.
The Agency for Electronic Government and Information and Knowledge Society (Agesic) incorporated indicators of cybersecurity In two investigations carried out by the National Institute of Statistics (INE) and the National Development Agency (ANDE).
This initiative is in line with the objectives and goals set out in the Uruguay Digital Agenda 2025 and the Digital Government Plan 2025 to strengthen the national ecosystem of Cybersecurity, “expanding monitoring, detection, prevention and response capabilities,” the government agency said in an official statement.
Source: Ambito