Data connectivity between Bangko Sentral ng Pilipinas and The Monetary Authority of Singapore.
Bangko Sentral ng Pilipinas (BSP) and The Monetary Authority of Singapore (MAS) have recognised the ability to aggregate, store, process, and transmit data across borders is critical to the development of the financial sector.
The expanding use of data in financial services and the increasing use of technology to supply financial services offer a range of benefits, including greater consumer choice, enhanced risk management capabilities, and increased efficiency.
These developments also pose new and complex risks for markets and challenges for policymakers and regulators.
BSP and MAS will work together and with other countries and authorities to promote an environment in financial services that fosters the development of the global economy.
Promotion of data connectivity
Both organisations understand that data localisation requirements can increase cybersecurity and other operational risks, hinder risk management and compliance, and inhibit financial regulatory and supervisory access to data.
Data mobility in financial services supports economic growth and the development of innovative financial services, and benefits risk management and compliance programs, by, amongst others, making it easier to detect cross-border money laundering, terrorist financing patterns, and proliferation financing; defend against cyberattacks; and manage and assess risk on a global basis.
With these issues at hand, both the BSP and MAS intend to promote the adoption and implementation of policies and rules that facilitate the following goals with respect to the operation of banks and non-bank financial institutions falling within the jurisdiction of either BSP or MAS (“covered institutions”):
- Covered institutions should be allowed to transfer data, including personal information, across borders by electronic means provided this activity is for the conduct of the business within the scope of their license, authorisation, or registration.
- The location where covered institutions can store and process their data should not be restricted if BSP and MAS have full and timely access to the data necessary to fulfill their regulatory and supervisory mandate.
- If BSP or MAS is unable to access the data as described in paragraph above, covered institutions should have the opportunity to remediate such lack of access before being required to use or locate computing facilities locally.
- BSP and MAS also intend to, as appropriate, encourage other authorities to adopt policies and rules which facilitate the goals set out.
- Information sharing
- BSP and MAS also intend to share information on developments related to the adoption and implementation of the policies and rules referred to in paragraphs.
Both organisations are aware that any transfers of data, including personal information, across borders by electronic means by covered institutions should be subject to the applicable laws, rules and regulations of Philippines and Singapore on data privacy, security, governance, and confidentiality of individual records and accounts.